python2.7 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the python2.7 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Inefficient Regular Expression Complexity

*
  • L
CVE-2024-6923

*
  • L
CVE-2024-5642

*
  • L
CVE-2024-0397

*
  • L
CVE-2024-0450

*
  • M
CVE-2023-40217

<2.7.18-8+deb11u1
  • M
Race Condition

<2.7.18-8+deb11u1
  • H
Use After Free

<2.7.18-8+deb11u1
  • C
XML External Entity (XXE) Injection

<2.7.18-8+deb11u1
  • M
Improper Input Validation

*
  • H
Improper Input Validation

<2.7.18-8+deb11u1
  • H
Algorithmic Complexity

*
  • L
Open Redirect

*
  • H
Incorrect Type Conversion or Cast

*
  • H
Arbitrary Command Injection

*
  • H
Arbitrary Code Injection

<2.7.18-8+deb11u1
  • M
Unchecked Return Value

*
  • M
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • M
HTTP Request Smuggling

<2.7.18-8+deb11u1
  • C
Buffer Overflow

<2.7.18-2
  • L
CVE-2020-27619

*
  • H
Improper Encoding or Escaping of Output

*
  • L
Improper Input Validation

<2.7.18-2
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

<2.7.18-2
  • L
Arbitrary Code Injection

<2.7.18~rc1-1
  • M
Cross-site Scripting (XSS)

<2.7.17~rc1-1
  • H
CVE-2019-16056

<2.7.17~rc1-1
  • M
Improper Input Validation

<2.7.16-3
  • C
Credentials Management

<2.7.16-3
  • M
CRLF Injection

<2.7.16-3
  • C
Directory Traversal

<2.7.16-2
  • M
CRLF Injection

<2.7.16-3
  • C
CVE-2019-9636

<2.7.16-2
  • H
NULL Pointer Dereference

<2.7.15-6
  • C
Arbitrary Command Injection

<2.7.15-5
  • H
Missing Initialization of Resource

<2.7.15-5
  • L
CVE-2013-1753

<2.7.9-1
  • L
Directory Traversal

<2.7.8-1
  • L
Open Redirect

<2.7.12-2
  • L
CVE-2018-1061

<2.7.14-7
  • L
CVE-2018-1060

<2.7.14-7
  • L
Out-of-bounds Write

<2.7.14-5
  • L
Arbitrary Code Injection

*
  • C
Integer Overflow or Wraparound

<2.7.13-4
  • M
Out-of-Bounds

<2.7.7-1
  • C
Integer Overflow or Wraparound

<2.7.12~rc1-1
  • M
Protection Mechanism Failure

<2.7.12~rc1-1
  • M
HTTP Response Splitting

<2.7.10~rc1-1
  • M
Improper Data Handling

<2.7.9-1
  • M
CVE-2014-9365

<2.7.9-1
  • L
Numeric Errors

<2.7.8-1
  • L
Cryptographic Issues

*
  • L
Out-of-Bounds

<2.7.6-6
  • L
Resource Management Errors

<2.7.5-5
  • L
Improper Input Validation

<2.7.5-8
  • M
Resource Management Errors

<2.7.3~rc1-1
  • L
Cryptographic Issues

<2.7.3~rc1-1
  • L
Access Restriction Bypass

<2.7.3~rc2-2
  • L
Cross-site Scripting (XSS)

<2.7.2-8
  • M
Improper Input Validation

<2.7.3~rc1-1
  • M
Resource Management Errors

<2.7.1-7
  • L
CVE-2010-3492

<2.7.8-11
  • L
Out-of-Bounds

<2.7-1
  • L
Numeric Errors

<2.7-1