All 62 CVE vulnerabilities found in CPython, with AI-generated Chinese analysis, references, and POCs.
This page aggregates Common Weakness Enumerations (CWE) associated with CPython, the official reference implementation of the Python programming language developed by the Python Software Foundation. It compiles security advisories and vulnerability records for the CPython core interpreter and its standard library modules, covering historical data from 2000 through 2024. Use it to track vendor-specific advisories issued by the Python Security Response Team, analyze trends within specific weakness classes such as buffer overflows or injection flaws, and investigate the vulnerability history of specific CPython releases. The data includes impact severity, affected versions, and patch status. Centralizing these reports supports security auditing and risk assessment for organizations that rely on CPython for backend infrastructure or development environments, and helps developers and security professionals follow the evolution of security fixes and identify gaps in their current deployments without sifting through disparate announcement archives.
Vendor: Python Software Foundation

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-0450 | Quoted zip-bomb protection for zipfile (CWE-405) | 6.2 | Medium | 2024-03-19 |
| CVE-2023-6507 | Groups not dropped before running subprocess when using empty 'extra_groups' parameter (CWE-269) | 6.1 | Medium | 2023-12-08 |