Skip to content

Issues: python/cpython

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
68 Open 852 Closed
68 Open 852 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

CRLF Injection vulnerability in "email.mime.multipart" > "MIMEMultipart" > "add_header()" expert-email type-bug An unexpected behavior, bug, or error type-security A security issue
#100612 opened Dec 30, 2022 by motoyasu-saburi
Upgrade OpenSSL bundled with windows to 1.1.1s release-blocker type-feature A feature request or enhancement type-security A security issue
#100180 opened Dec 11, 2022 by mattip
4
os.path.normpath of relative path r".\C:\x" returns absolute path r"C:\x" on Windows, similar in pathlib 3.7 3.8 3.9 3.10 3.11 3.12 OS-windows stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error type-security A security issue
#100162 opened Dec 10, 2022 by gpshead
7
Directory traversal in uu module / uu.decode type-bug An unexpected behavior, bug, or error type-security A security issue
#99889 opened Nov 30, 2022 by hannob
shutil.copy2 race condition leading to local file disclosure type-bug An unexpected behavior, bug, or error type-security A security issue
#96719 opened Sep 9, 2022 by janschejbal
gh-87389: avoid treating path as URI with netloc
3.12 awaiting change review stdlib Python modules in the Lib dir type-feature A feature request or enhancement type-security A security issue
#93894 opened Jun 16, 2022 by nascheme Loading…
@gpshead @nascheme
24
gh-91826: [WIP] Enable cert and hostname verification for stdlib
awaiting core review DO-NOT-MERGE type-security A security issue
#91875 opened Apr 24, 2022 by tiran Draft
1
Enable TLS certificate validation by default for SMTP/IMAP/FTP/POP/NNTP protocols expert-email expert-SSL type-feature A feature request or enhancement type-security A security issue
#91826 opened Apr 22, 2022 by The-Compiler
17
Update macOS installer builds to use ncurses 6.3 3.10 3.11 3.12 build The build process and cross-build OS-mac type-security A security issue
#91132 opened Mar 10, 2022 by ned-deily
@ned-deily
4
Improper Input Validation in urlparse 3.9 type-security A security issue
#91026 opened Feb 27, 2022 by P0cas mannequin
4
Hostname spoofing via backslashes in URL 3.11 stdlib Python modules in the Lib dir type-security A security issue
#90735 opened Jan 30, 2022 by meetdash mannequin
2
codec name acceptance became way too lenient in 3.9 3.9 3.10 3.11 3.12 type-bug An unexpected behavior, bug, or error type-security A security issue
#90666 opened Jan 25, 2022 by gpshead
3
Discourage logging f-strings due to security considerations 3.7 3.8 3.9 3.10 3.11 docs Documentation in the Doc dir stdlib Python modules in the Lib dir type-security A security issue
#90358 opened Dec 30, 2021 by ariebovenberg mannequin
13
SimpleCookie.js_output is vulnerable to HTML injection 3.11 stdlib Python modules in the Lib dir type-security A security issue
#90309 opened Dec 22, 2021 by trungpaaa mannequin
1
Prohibit invisible control characters in string literals and comments 3.11 interpreter-core (Objects, Python, Grammar, and Parser dirs) type-security A security issue
#89968 opened Nov 15, 2021 by stevendaprano
1
zoneinfo.ZoneInfo does not check for Windows device names 3.9 3.10 3.11 OS-windows stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error type-security A security issue
#88992 opened Aug 4, 2021 by apple502j mannequin
2
[security] Open redirect attack due to insufficient validation in Urlparse 3.7 3.8 3.9 3.10 3.11 stdlib Python modules in the Lib dir type-security A security issue
#88907 opened Jul 26, 2021 by ready-research mannequin
5
Dangerous mismatch between MAXPATHLEN and MAX_PATH on Windows 3.7 3.8 OS-windows type-security A security issue
#88822 opened Jul 16, 2021 by izbyshev mannequin
1
Quoting issue on header Reply-To and other address headers 3.9 expert-email type-security A security issue
#88803 opened Jul 14, 2021 by Abridbus mannequin
13
"tarfile" library will lead to "write any content to any file on the host". 3.7 stdlib Python modules in the Lib dir type-security A security issue
#88189 opened May 3, 2021 by leveryd mannequin
5
Denial of service on http.server module with large request method. type-security A security issue
#87979 opened Apr 12, 2021 by DEMON1A mannequin
3
Fix tempfile.mktemp() 3.10 stdlib Python modules in the Lib dir type-security A security issue
#87770 opened Mar 23, 2021 by dlukes mannequin
4
email MIME splitting 3.7 3.8 3.9 3.10 expert-email type-security A security issue
#87289 opened Feb 4, 2021 by martinortner mannequin
3
a python embedded program may load "C:\Lib\os.py" on windows system 3.8 interpreter-core (Objects, Python, Grammar, and Parser dirs) OS-windows type-security A security issue
#87068 opened Jan 12, 2021 by houjingyi233 mannequin
7
Clear audit hooks after destructors 3.8 3.9 3.10 interpreter-core (Objects, Python, Grammar, and Parser dirs) type-security A security issue
#85334 opened Jun 29, 2020 by zooba
7
ProTip! Type g i on any issue or pull request to go back to the issue listing page.