OSV - Open Source Vulnerabilities

BIT-python-2026-3087

Bitnami/python

shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs

2 days ago

No fix available
Severity - 6.0 (Medium)

BIT-python-min-2026-3087

Bitnami/python-min

shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs

2 days ago

No fix available
Severity - 6.0 (Medium)

BIT-libpython-2026-3087

Bitnami/libpython

shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs

2 days ago

No fix available
Severity - 6.0 (Medium)

PSF-2026-22

github.com/python/cpython

See record for full details

4 days ago

Fix available

BIT-python-min-2026-6019

Bitnami/python-min

BaseCookie.js_output() does not neutralize embedded characters

24 Apr

No fix available
Severity - 2.1 (Low)

BIT-python-2026-6019

Bitnami/python

BaseCookie.js_output() does not neutralize embedded characters

24 Apr

No fix available
Severity - 2.1 (Low)

BIT-libpython-2026-6019

Bitnami/libpython

BaseCookie.js_output() does not neutralize embedded characters

24 Apr

No fix available
Severity - 2.1 (Low)

BIT-python-min-2026-3298

Bitnami/python-min

Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes

23 Apr

No fix available
Severity - 8.8 (High)

BIT-python-2026-3298

Bitnami/python

Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes

23 Apr

No fix available
Severity - 8.8 (High)

BIT-libpython-2026-3298

Bitnami/libpython

Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes

23 Apr

No fix available
Severity - 8.8 (High)

PSF-2026-21

github.com/python/cpython

See record for full details

22 Apr

Fix available

PSF-0000-CVE-2026-3298

github.com/python/cpython

See record for full details

21 Apr

Fix available

PSF-2026-20

github.com/python/cpython

See record for full details

21 Apr

Fix available

BIT-python-min-2026-6100

Bitnami/python-min

Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

16 Apr

No fix available
Severity - 9.1 (Critical)

BIT-python-2026-6100

Bitnami/python

Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

16 Apr

No fix available
Severity - 9.1 (Critical)

BIT-python-min-2026-5713

Bitnami/python-min

Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target

16 Apr

No fix available
Severity - 5.3 (Medium)