| Django |
CVE-2022-28346 |
严重 |
3.2.12 |
2.2.28, 3.2.13, 4.0.4 |
Django: SQL injection in QuerySet.annotate(),aggregate() and extra()
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28346
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-04-12 05:15 修改: 2023-11-07 03:45
|
| Django |
CVE-2022-28347 |
严重 |
3.2.12 |
2.2.28, 3.2.13, 4.0.4 |
Django: SQL injection via QuerySet.explain(options) on PostgreSQL
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28347
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-04-12 05:15 修改: 2023-11-07 03:45
|
| Django |
CVE-2022-34265 |
严重 |
3.2.12 |
3.2.14, 4.0.6 |
python-django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34265
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-07-04 16:15 修改: 2023-11-07 03:48
|
| Django |
CVE-2023-31047 |
严重 |
3.2.12 |
3.2.19, 4.1.9, 4.2.1 |
python-django: Potential bypass of validation when uploading multiple files using one form field
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31047
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-05-07 02:15 修改: 2023-11-07 04:14
|
| Twisted |
CVE-2022-24801 |
严重 |
20.3.0 |
22.4.0 |
python-twisted: possible http request smuggling
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24801
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-04-04 18:15 修改: 2024-11-25 18:12
|
| Django |
CVE-2022-41323 |
高危 |
3.2.12 |
3.2.16, 4.0.8, 4.1.2 |
python-django: Potential denial-of-service vulnerability in internationalized URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41323
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-10-16 06:15 修改: 2023-11-07 03:52
|
| Django |
CVE-2023-23969 |
高危 |
3.2.12 |
3.2.17, 4.0.9, 4.1.6 |
python-django: Potential denial-of-service via Accept-Language headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23969
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-02-01 19:15 修改: 2023-11-07 04:08
|
| Django |
CVE-2023-24580 |
高危 |
3.2.12 |
3.2.18, 4.1.7, 4.0.10 |
python-django: Potential denial-of-service vulnerability in file uploads
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24580
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-02-15 01:15 修改: 2023-11-07 04:08
|
| Django |
CVE-2023-36053 |
高危 |
3.2.12 |
3.2.20, 4.1.10, 4.2.3 |
python-django: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36053
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-07-03 13:15 修改: 2024-07-03 01:40
|
| Django |
CVE-2023-43665 |
高危 |
3.2.12 |
3.2.22, 4.1.12, 4.2.6 |
python-django: Denial-of-service possibility in django.utils.text.Truncator
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43665
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-11-03 05:15 修改: 2024-05-01 17:15
|
| Django |
CVE-2023-46695 |
高危 |
3.2.12 |
3.2.23, 4.1.13, 4.2.7 |
python-django: Potential denial of service vulnerability in UsernameField on Windows
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46695
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-11-02 06:15 修改: 2023-12-14 10:15
|
| Django |
CVE-2024-24680 |
高危 |
3.2.12 |
3.2.24, 4.2.10, 5.0.2 |
Django: denial-of-service in ``intcomma`` template filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24680
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-02-06 22:16 修改: 2024-04-20 03:15
|
| PyJWT |
CVE-2022-29217 |
高危 |
2.1.0 |
2.4.0 |
python-jwt: Key confusion through non-blocklisted public key formats
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29217
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-05-24 15:15 修改: 2023-11-07 03:45
|
| Django |
CVE-2022-36359 |
高危 |
3.2.12 |
3.2.15, 4.0.7 |
An issue was discovered in the HTTP FileResponse class in Django 3.2 b ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36359
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-08-03 14:15 修改: 2023-11-07 03:49
|
| Twisted |
CVE-2022-21712 |
高危 |
20.3.0 |
22.1.0 |
dev-python/twisted: secret exposure in cross-origin redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21712
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-02-07 22:15 修改: 2024-11-25 18:12
|
| Twisted |
CVE-2024-41671 |
高危 |
20.3.0 |
24.7.0rc1 |
Twisted is an event-based framework for internet applications, support ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41671
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-07-29 15:15 修改: 2024-07-29 16:21
|
| aiohttp |
CVE-2024-23334 |
高危 |
3.8.6 |
3.9.2 |
aiohttp: follow_symlinks directory traversal vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23334
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-01-29 23:15 修改: 2024-02-09 03:15
|
| aiohttp |
CVE-2024-30251 |
高危 |
3.8.6 |
3.9.4 |
aiohttp: DoS when trying to parse malformed POST requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30251
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-05-02 14:15 修改: 2024-05-02 18:00
|
| certifi |
CVE-2023-37920 |
高危 |
2021.5.30 |
2023.7.22 |
python-certifi: Removal of e-Tugra root certificate
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37920
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-07-25 21:15 修改: 2023-08-12 06:16
|
| cryptography |
CVE-2023-0286 |
高危 |
37.0.4 |
39.0.1 |
openssl: X.400 address type confusion in X.509 GeneralName
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
|
| cryptography |
CVE-2023-50782 |
高危 |
37.0.4 |
42.0.0 |
python-cryptography: Bleichenbacher timing oracle attack against RSA decryption - incomplete fix for CVE-2020-25659
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50782
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-02-05 21:15 修改: 2024-09-27 19:15
|
| gunicorn |
CVE-2024-1135 |
高危 |
20.1.0 |
22.0.0 |
python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1135
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-04-16 00:15 修改: 2024-06-30 23:15
|
| setuptools |
CVE-2022-40897 |
高危 |
57.5.0 |
65.5.1 |
pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897
镜像层: sha256:ae2ed30791634cdd49b4f0f95fa7236e1dd46790d0038906f2a15040a370cf37
发布日期: 2022-12-23 00:15 修改: 2024-10-29 15:35
|
| setuptools |
CVE-2024-6345 |
高危 |
57.5.0 |
70.0.0 |
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345
镜像层: sha256:ae2ed30791634cdd49b4f0f95fa7236e1dd46790d0038906f2a15040a370cf37
发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
|
| setuptools |
CVE-2024-6345 |
高危 |
68.0.0 |
70.0.0 |
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
|
| sqlparse |
CVE-2024-4340 |
高危 |
0.4.2 |
0.5.0 |
sqlparse: parsing heavily nested list leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4340
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-04-30 15:15 修改: 2024-04-30 17:52
|
| urllib3 |
CVE-2023-43804 |
高危 |
1.26.6 |
2.0.6, 1.26.17 |
python-urllib3: Cookie request header isn't stripped during cross-origin redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43804
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-10-04 17:15 修改: 2024-02-01 00:55
|
| wheel |
CVE-2022-40898 |
高危 |
0.37.1 |
0.38.1 |
python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40898
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-12-23 00:15 修改: 2022-12-30 22:15
|
| aiohttp |
CVE-2024-42367 |
中危 |
3.8.6 |
3.10.2 |
aiohttp: python-aiohttp: Compressed files as symlinks are not protected from path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42367
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-08-12 13:38 修改: 2024-08-12 13:41
|
| aiohttp |
CVE-2024-52304 |
中危 |
3.8.6 |
3.10.11 |
aiohttp: aiohttp vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52304
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-11-18 21:15 修改: 2024-11-19 21:57
|
| Django |
CVE-2023-41164 |
中危 |
3.2.12 |
3.2.21, 4.1.11, 4.2.5 |
python-django: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-41164
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-11-03 05:15 修改: 2024-04-20 03:15
|
| certifi |
CVE-2022-23491 |
中危 |
2021.5.30 |
2022.12.07 |
python-certifi: untrusted root certificates
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23491
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-12-07 22:15 修改: 2023-03-24 18:12
|
| Twisted |
CVE-2022-39348 |
中危 |
20.3.0 |
22.10.0rc1 |
python-twisted: NameVirtualHost Host header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-39348
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-10-26 20:15 修改: 2024-11-25 18:12
|
| Twisted |
CVE-2023-46137 |
中危 |
20.3.0 |
23.10.0rc1 |
python-twisted: disordered HTTP pipeline response in twisted.web
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46137
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-10-25 21:15 修改: 2024-11-25 18:12
|
| cryptography |
CVE-2023-23931 |
中危 |
37.0.4 |
39.0.1 |
python-cryptography: memory corruption via immutable objects
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23931
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-02-07 21:15 修改: 2024-09-05 16:09
|
| cryptography |
CVE-2023-49083 |
中危 |
37.0.4 |
41.0.6 |
python-cryptography: NULL-dereference when loading PKCS7 certificates
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49083
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-11-29 19:15 修改: 2024-09-05 16:09
|
| cryptography |
CVE-2024-0727 |
中危 |
37.0.4 |
42.0.2 |
openssl: denial of service via null dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
|
| cryptography |
GHSA-39hc-v87j-747x |
中危 |
37.0.4 |
38.0.3 |
Vulnerable OpenSSL included in cryptography wheels
漏洞详情: https://github.com/advisories/GHSA-39hc-v87j-747x
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| cryptography |
GHSA-h4gh-qq45-vh27 |
中危 |
37.0.4 |
43.0.1 |
pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels
漏洞详情: https://github.com/advisories/GHSA-h4gh-qq45-vh27
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| django-rest-framework |
CVE-2018-25045 |
中危 |
0.1.0 |
3.9.1 |
Django REST framework (aka django-rest-framework) before 3.9.1 allows ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25045
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-07-23 02:15 修改: 2022-07-29 03:31
|
| djangorestframework |
CVE-2024-21520 |
中危 |
3.12.4 |
3.15.2 |
djangorestframework: Cross-site Scripting (XSS) via break_long_headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21520
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-06-26 05:15 修改: 2024-07-04 15:15
|
| Twisted |
CVE-2024-41810 |
中危 |
20.3.0 |
24.7.0rc1 |
python-twisted: Reflected XSS via HTML Injection in Redirect Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41810
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-07-29 16:15 修改: 2024-09-11 16:17
|
| idna |
CVE-2024-3651 |
中危 |
2.10 |
3.7 |
python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3651
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-07-07 18:15 修改: 2024-07-11 14:58
|
| oauthlib |
CVE-2022-36087 |
中危 |
3.1.1 |
3.2.2 |
python-oauthlib: DoS when attacker provides malicious IPV6 URI
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36087
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2022-09-09 21:15 修改: 2023-11-07 03:49
|
| pip |
CVE-2023-5752 |
中危 |
22.2.1 |
23.3 |
pip: Mercurial configuration injectable in repo revision when installing via pip
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5752
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-10-25 18:17 修改: 2024-06-10 18:15
|
| pip |
CVE-2023-5752 |
中危 |
23.0.1 |
23.3 |
pip: Mercurial configuration injectable in repo revision when installing via pip
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5752
镜像层: sha256:ae2ed30791634cdd49b4f0f95fa7236e1dd46790d0038906f2a15040a370cf37
发布日期: 2023-10-25 18:17 修改: 2024-06-10 18:15
|
| requests |
CVE-2023-32681 |
中危 |
2.25.1 |
2.31.0 |
python-requests: Unintended leak of Proxy-Authorization header
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32681
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-05-26 18:15 修改: 2023-09-17 09:15
|
| requests |
CVE-2024-35195 |
中危 |
2.25.1 |
2.32.0 |
requests: subsequent requests to the same host ignore cert verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-05-20 21:15 修改: 2024-06-10 17:16
|
| Django |
CVE-2024-27351 |
中危 |
3.2.12 |
3.2.25, 4.2.11, 5.0.3 |
python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27351
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-03-15 20:15 修改: 2024-07-03 01:50
|
| Django |
CVE-2024-45231 |
中危 |
3.2.12 |
5.1.1, 5.0.9, 4.2.16 |
python-django: Potential user email enumeration via response status on password reset
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45231
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-10-08 16:15 修改: 2024-10-30 17:35
|
| aiohttp |
CVE-2023-49081 |
中危 |
3.8.6 |
3.9.0 |
aiohttp: HTTP request modification
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49081
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-11-30 07:15 修改: 2024-01-29 14:15
|
| social-auth-app-django |
CVE-2024-32879 |
中危 |
4.0.0 |
5.4.1 |
python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32879
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-04-24 20:15 修改: 2024-04-25 13:18
|
| aiohttp |
CVE-2023-49082 |
中危 |
3.8.6 |
3.9.0 |
aiohttp: CRLF injection if user controls the HTTP method using aiohttp client
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49082
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-11-29 20:15 修改: 2024-01-29 14:15
|
| sqlparse |
CVE-2023-30608 |
中危 |
0.4.2 |
0.4.4 |
sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service)
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30608
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-04-18 22:15 修改: 2023-06-14 18:14
|
| aiohttp |
CVE-2024-23829 |
中危 |
3.8.6 |
3.9.2 |
python-aiohttp: http request smuggling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23829
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-01-29 23:15 修改: 2024-02-09 03:15
|
| urllib3 |
CVE-2023-45803 |
中危 |
1.26.6 |
2.0.7, 1.26.18 |
urllib3: Request body not stripped after redirect from 303 status changes request method to GET
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45803
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2023-10-17 20:15 修改: 2023-11-03 22:15
|
| urllib3 |
CVE-2024-37891 |
中危 |
1.26.6 |
1.26.19, 2.2.2 |
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37891
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
|
| aiohttp |
CVE-2024-27306 |
中危 |
3.8.6 |
3.9.4 |
aiohttp: XSS on index pages for static file handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27306
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-04-18 15:15 修改: 2024-05-02 03:15
|
| zipp |
CVE-2024-5569 |
中危 |
3.15.0 |
3.19.1 |
github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5569
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-07-09 00:15 修改: 2024-07-09 18:19
|
| certifi |
CVE-2024-39689 |
低危 |
2021.5.30 |
2024.07.04 |
python-certifi: Remove root certificates from `GLOBALTRUST` from the root store
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39689
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 2024-07-05 19:15 修改: 2024-07-08 15:49
|
| cryptography |
GHSA-5cpq-8wj7-hf2v |
低危 |
37.0.4 |
41.0.0 |
Vulnerable OpenSSL included in cryptography wheels
漏洞详情: https://github.com/advisories/GHSA-5cpq-8wj7-hf2v
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| cryptography |
GHSA-jm77-qphf-c4w8 |
低危 |
37.0.4 |
41.0.3 |
pyca/cryptography's wheels include vulnerable OpenSSL
漏洞详情: https://github.com/advisories/GHSA-jm77-qphf-c4w8
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| cryptography |
GHSA-v8gr-m533-ghj9 |
低危 |
37.0.4 |
41.0.4 |
Vulnerable OpenSSL included in cryptography wheels
漏洞详情: https://github.com/advisories/GHSA-v8gr-m533-ghj9
镜像层: sha256:b86d989f944cd93bf62a00e645011c7cacacb5781b1dc9b4378a3315ca4f106c
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|