tkinter vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tkinter package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
Resource Exhaustion

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
CVE-2024-6923

*
  • L
Race Condition

*
  • L
Improper Input Validation

*
  • L
Expected Behavior Violation

*
  • M
Multiple Interpretations of UI Input

*
  • M
Use After Free

*
  • M
XML External Entity (XXE) Injection

*
  • M
Race Condition

*
  • H
Authentication Bypass by Primary Weakness

<0:2.7.5-94.el7_9
  • M
Uncontrolled Recursion

*
  • M
Improper Input Validation

*
  • H
Improper Input Validation

<0:2.7.5-93.el7_9
  • M
Resource Exhaustion

*
  • M
Directory Traversal

*
  • M
Incorrect Type Conversion or Cast

*
  • M
Arbitrary Code Injection

*
  • M
Unchecked Return Value

*
  • M
Resource Exhaustion

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Use of a Broken or Risky Cryptographic Algorithm

<0:2.7.5-69.el7_5
  • M
Improper Input Validation

<0:2.7.5-38.el7_2
  • M
Improper Input Validation

<0:2.7.5-38.el7_2
  • M
Protection Mechanism Failure

<0:2.7.5-38.el7_2
  • M
Improper Neutralization of Special Elements

<0:2.7.5-34.el7
  • M
Resource Exhaustion

<0:2.7.5-34.el7
  • M
Integer Overflow or Wraparound

<0:2.7.5-34.el7
  • M
Resource Exhaustion

<0:2.7.5-34.el7
  • M
Resource Exhaustion

*
  • M
Buffer Overflow

<0:2.7.5-92.el7_9
  • M
HTTP Request Smuggling

*
  • M
Eval Injection

*
  • M
Improper Input Validation

<0:2.7.5-90.el7
  • M
HTTP Response Splitting

<0:2.7.5-92.el7_9
  • M
HTTP Response Splitting

<0:2.7.5-92.el7_9
  • M
Cross-site Scripting (XSS)

<0:2.7.5-89.el7
  • M
Improper Input Validation

<0:2.7.5-88.el7
  • M
NULL Pointer Dereference

<0:2.7.5-86.el7
  • M
Improper Input Validation

<0:2.7.5-88.el7
  • M
HTTP Response Splitting

*
  • M
HTTP Response Splitting

<0:2.7.5-86.el7
  • M
Exposed Dangerous Method or Function

<0:2.7.5-86.el7
  • M
HTTP Response Splitting

<0:2.7.5-86.el7
  • M
Improper Input Validation

<0:2.7.5-76.el7
  • M
Improper Input Validation

<0:2.7.5-76.el7
  • L
Heap-based Buffer Overflow

*
  • H
Encoding Error

<0:2.7.5-77.el7_6
  • M
Integer Overflow or Wraparound

*
  • L
Improper Input Validation

<0:2.7.5-48.el7
  • M
Insufficient Verification of Data Authenticity

<0:2.7.5-58.el7
  • L
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • M
Improper Validation of Array Index

<0:2.7.5-34.el7
  • H
Encoding Error

<0:2.7.5-80.el7_6
  • M
Improper Initialization

<0:2.7.5-86.el7
  • M
Cryptographic Issues

*
  • M
Information Exposure

*
  • M
Out-of-Bounds

*