![](https://secure.gravatar.com/avatar/b5a0900288ad3a29fd4a5ef260486055.jpg?s=120&d=mm&r=g)
[CVE-2024-5642] Buffer over-read in SSLContext.set_npn_protocols() for Python 3.9 and earlier
by Seth Larson June 27, 2024
by Seth Larson June 27, 2024
June 27, 2024
1
0
![](https://secure.gravatar.com/avatar/b5a0900288ad3a29fd4a5ef260486055.jpg?s=120&d=mm&r=g)
[CVE-2024-0397] Memory race condition in ssl.SSLContext certificate store methods
by Seth Larson June 17, 2024
by Seth Larson June 17, 2024
June 17, 2024
1
0
1
0
![](https://secure.gravatar.com/avatar/b5a0900288ad3a29fd4a5ef260486055.jpg?s=120&d=mm&r=g)
[CVE-2024-4030] tempfile.mkdtemp() may be readable and writeable by all users on Windows
by Seth Larson May 9, 2024
by Seth Larson May 9, 2024
May 9, 2024
2
1
![](https://secure.gravatar.com/avatar/f96e020357b4a421390564f722b130b2.jpg?s=120&d=mm&r=g)
[CVE-2023-6597] tempfile.TemporaryDirectory dereferences symlinks during cleanup
by Ee Durbin March 19, 2024
by Ee Durbin March 19, 2024
March 19, 2024
1
0
1
0
![](https://secure.gravatar.com/avatar/b5a0900288ad3a29fd4a5ef260486055.jpg?s=120&d=mm&r=g)
[CVE-2023-6507] Groups not dropped before running subprocess when using empty 'extra_groups' parameter
by Seth Larson Dec. 8, 2023
by Seth Larson Dec. 8, 2023
Dec. 8, 2023
1
0
![](https://secure.gravatar.com/avatar/b5a0900288ad3a29fd4a5ef260486055.jpg?s=120&d=mm&r=g)
[CVE-2023-5752] Mercurial configuration injectable in repo revision when installing via pip
by Seth Larson Oct. 24, 2023
by Seth Larson Oct. 24, 2023
Oct. 24, 2023
1
0
![](https://secure.gravatar.com/avatar/b5a0900288ad3a29fd4a5ef260486055.jpg?s=120&d=mm&r=g)
Aug. 28, 2023
1
0
![](https://secure.gravatar.com/avatar/b5a0900288ad3a29fd4a5ef260486055.jpg?s=120&d=mm&r=g)
[CVE-2022-48564] DoS when reading malformed Apple Property List files in binary format
by Seth Larson Aug. 28, 2023
by Seth Larson Aug. 28, 2023
Aug. 28, 2023
1
0