🌐
Snyk
security.snyk.io › snyk vulnerability database › linux › chainguard
python-3.9 - Vulnerability
Security vulnerabilities and package health score for chainguard:latest package python-3.9
🌐
CVE Details
cvedetails.com › version › 651294 › Python-Python-3.9.0.html
Python Python 3.9.0 security vulnerabilities, CVEs
Vulnerability statistics provide a quick overview for security vulnerabilities of Python » Python » version 3.9.0.
Discussions

Corporate IT have banned all versions of python lower than the latest
Don't know what your environments look like, but we upgraded almost all of ours to 3.12, I would definitely recommend it. Most packages are already up to date. That being said, if IT doesn't understand why you might need to run 3.11 for some packages, can't you simply provide them a list of the packages that don't support 3.12 and tell them you'll upgrade those systems when their dependencies catch up?
🌐 r/Python
218
942
November 21, 2023
Report of Open Redirect Vulnerability in Python 3.9.11 - Utilizing Simple HTTP
Bug report Bug description: Vulnerability Details: Affected Version: Python 3.9.11 Vulnerability Type: Open Redirect Payload: //interact.sh//.. Description: During our testing and analysis, we id...
🌐 github.com
6
April 26, 2024
CVE-2022-2068 on python:3.9-slim-buster image
We are using python:3.9-slim-buster image for our service and in can report it being reported with vulnerability CVE-2022-2068 and the remediation is to update openssl to 1.1.1q. Could someone please help me to update openssl package to 1.1.1q in python:3.9-slim-buster image. fyi, ...
🌐 forums.docker.com
0
0
January 4, 2023
CVE-2021-45960 vulnerability in python 3.9-slim
Images with python 3.9-slim (dfcf03d7f1eb) have a version of expat (2.2.10) that is identified as a critical vulnerability when scanned with GCP On Demand Scanning API.
🌐 github.com
6
February 15, 2022
🌐
Maikuolan
maikuolan.github.io › Vulnerability-Charts › python.html
Vulnerability Charts – Python
January 7, 2026 - A chart of which Python versions are safe/unsafe, and their CVSS.
🌐
Reddit
reddit.com › r/python › corporate it have banned all versions of python lower than the latest
r/Python on Reddit: Corporate IT have banned all versions of python lower than the latest
November 21, 2023 -

I.e. right now they are insisting we use v3.12 only because older versions have some vulnerabilities their scanner picked up.

I need to somehow explain that this is a terrible idea and that many packages won't support the most up to date version without causing them to panic and overstep even more.

This requirement is company wide (affects development, data science and analytics).

Edit - thanks for all the advice, I think the crux is that they don't understand how the versioning works and are confusing major and minor versions. I will explain this and hopefully we will be able to use the latest minor versions for 3.11/3.10/3.9

🌐
Readthedocs
python-security.readthedocs.io › vulnerabilities.html
Python Security Vulnerabilities — Python Security 0.0 documentation
The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format.
🌐
Snyk
snyk.io › test › docker › python:3.9-slim
Vulnerability report for Docker python:3.9-slim | Snyk
Learn more about Docker python:3.9-slim vulnerabilities. Docker image python has 38 known vulnerabilities found in 98 vulnerable paths.
🌐
IBM
community.ibm.com › community › user › discussion › latest-python-3918-is-affected-by-cve-2023-6597-vulnerability
Latest Python (3.9.18) is affected by CVE-2023-6597 vulnerability | Open Source Development
Hi Team, Latest python 3.9.18 version in the toolbox is being affected by CVE-2023-6597. Wondering if there is something in the scope to resolve this? Thanks in a
🌐
CVE Details
cvedetails.com › vulnerability-list › vendor_id-10210 › product_id-18230 › version_id-651294 › Python-Python-3.9.0.html
Python Python version 3.9.0 : Security vulnerabilities, CVEs
June 29, 2021 - An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
🌐
GitHub
github.com › python › cpython › issues › 118312
Report of Open Redirect Vulnerability in Python 3.9.11 - Utilizing Simple HTTP · Issue #118312 · python/cpython
April 26, 2024 - Bug report Bug description: Vulnerability Details: Affected Version: Python 3.9.11 Vulnerability Type: Open Redirect Payload: //interact.sh//.. Description: During our testing and analysis, we identified that when using Simple HTTP in ...
Author   barttran2k
🌐
Vulmon
vulmon.com › home › search results
python python 3.9.0 vulnerabilities and exploits
In Python 3.6 up to and including 3.6.10, 3.7 up to and including 3.7.8, 3.8 up to and including 3.8.4rc1, and 3.9 up to and including 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application.
🌐
CVE Details
cvedetails.com › version › 1371155 › Python-Python-3.9.9.html
Python Python 3.9.9 security vulnerabilities, CVEs
Python Python version 3.9.9 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references
🌐
Debian
security-tracker.debian.org › tracker › source-package › python3.9
Information on source package python3.9
python3.9 in the Package Tracking System · python3.9 in the Bug Tracking System · python3.9 source code ·
🌐
Stack
stack.watch › product › python › python
Python Security Vulnerabilities in 2026 - stack.watch
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
🌐
CVE Details
cvedetails.com › vulnerability-list › vendor_id-10210 › product_id-18230 › Python-Python.html
Python Python : Security vulnerabilities, CVEs
Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of `filter=` changed from "no filtering" to `"data"`, so if you are relying on this new default behavior then your usage is also affected.
🌐
Python
python.org › downloads › release › python-3914
Python Release Python 3.9.14 | Python.org
gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server when a URI path starts with //. gh-93065: Fix contextvars HAMT implementation to handle iteration over deep trees to avoid a potential crash of the interpreter. gh-90355: Fix ensurepip environment isolation for the subprocess running pip. According to the release calendar specified in PEP 596, Python 3.9 is now in the "security fixes only" stage of its life cycle: the 3.9 branch only accepts security fixes and releases of those are made irregularly in source-only form until October 2025.
🌐
Python
python.org › downloads › release › python-394
Python Release Python 3.9.4 | Python.org
October 31, 2025 - Code that requires the former vulnerable behavior may set a trust_server_pasv_ipv4_address attribute on their ftplib.FTP instances to True to re-enable it. bpo-43439: Add audit hooks for gc.get_objects(), gc.get_referrers() and gc.get_referents(). Patch by Pablo Galindo. Some of the major new features and changes in Python 3.9 are:
🌐
Docker Community
forums.docker.com › general
CVE-2022-2068 on python:3.9-slim-buster image - General - Docker Community Forums
January 4, 2023 - We are using python:3.9-slim-buster image for our service and in can report it being reported with vulnerability CVE-2022-2068 and the remediation is to update openssl to 1.1.1q. Could someone please help me to update o…
🌐
GitHub
github.com › docker-library › python › issues › 699
CVE-2021-45960 vulnerability in python 3.9-slim · Issue #699 · docker-library/python
February 15, 2022 - Images with python 3.9-slim (dfcf03d7f1eb) have a version of expat (2.2.10) that is identified as a critical vulnerability when scanned with GCP On Demand Scanning API.
Author   roryjbd