CVE Details
cvedetails.com › version › 1371182 › Python-Python-3.11.html
Python Python 3.11 security vulnerabilities, CVEs
Python Python version 3.11 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references
Getting High and Medium Vulnerabilities in Python 3.11.4
Hi, I installed Python version 3.11.4 via its package Python-3.11.4.tgz on a CentOS 7 based Docker container image. Image Scanning via Google Scanner displays 19 High Vulnerabilities (snapshot attached). Any plans to fix those vulnerabilities? I am working on a critical project, and cannot ... More on discuss.python.org
python311-3.11.14 vulnerable but no alternatives/updates | The FreeBSD Forums
# pkg audit -F vulnxml file up-to-date python311-3.11.14 is vulnerable: python -- several vulnerabilities CVE: CVE-2025-13836 CVE: CVE-2025-12084 WWW... More on forums.freebsd.org
Sliplane
sliplane.io › tools › cve › library › python:3.11
Known Vulnerabilities (CVE) in library/python:3.11 | Sliplane.io
Docker Image Scan Results. All known vulnerabilities in library/python:3.11. Docker Image vulnerability scanner.
Reddit
reddit.com › r/python › corporate it have banned all versions of python lower than the latest
r/Python on Reddit: Corporate IT have banned all versions of python lower than the latest
November 21, 2023
I.e. right now they are insisting we use v3.12 only because older versions have some vulnerabilities their scanner picked up.
I need to somehow explain that this is a terrible idea and that many packages won't support the most up to date version without causing them to panic and overstep even more.
This requirement is company wide (affects development, data science and analytics).
Edit - thanks for all the advice, I think the crux is that they don't understand how the versioning works and are confusing major and minor versions. I will explain this and hopefully we will be able to use the latest minor versions for 3.11/3.10/3.9
Top answer 1 of 5
707
Don't know what your environments look like, but we upgraded almost all of ours to 3.12, I would definitely recommend it. Most packages are already up to date. That being said, if IT doesn't understand why you might need to run 3.11 for some packages, can't you simply provide them a list of the packages that don't support 3.12 and tell them you'll upgrade those systems when their dependencies catch up?
2 of 5
159
And yet some corporate IT have also banned all Python newer than 2.7.
CVE Details
cvedetails.com › version › 1946864 › Python-Python-3.11.11.html
Python Python 3.11.11 security vulnerabilities, CVEs
Python Python version 3.11.11 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references
Snyk
security.snyk.io › snyk vulnerability database › linux › chainguard
python-3.11 vulnerabilities | Snyk
Known vulnerabilities in the python-3.11 package.
Cybersecurity Help
cybersecurity-help.cz › vdb › python_org › python › 3.11.2
Known Vulnerabilities in Python 3.11.2
Multiple vulnerabilities in Oracle Communications Diameter Signaling Router (22 Oct, 2025, High, Patched) · Improper input validation in Python zipfile module (14 Oct, 2025, Medium, Patched)
Vulert
vulert.com › vuln-db › almalinux-8-python3-11-139268
Important: python3.11 security update
The python3.11 package is affected by two security vulnerabilities: path traversal on tempfile.TemporaryDirectory and zip-bombs in the zipfile module. It is crucial to update to version 3.11.9-1.el8_10 or later to mitigate these vulnerabilities ...
GitHub
github.com › advisories › GHSA-65fx-pmw6-rcfm
An issue was discovered in Python 3.11 through 3.11.4. If... · CVE-2023-41105 · GitHub Advisory Database · GitHub
August 23, 2023 - There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x. ... https://mail.python.org/archives/list/security-announce@python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/ https://security.netapp.com/advisory/ntap-20231006-0015/ ... This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS).
Snyk
security.snyk.io › snyk vulnerability database › linux › chainguard
Arbitrary Command Injection in python-3.11 | CVE-2024-9287 | Snyk
November 4, 2024 - A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie ...
FreeBSD
forums.freebsd.org › ports and packages › installation and maintenance of ports or packages
python311-3.11.14 vulnerable but no alternatives/updates | The FreeBSD Forums
December 20, 2025 - python --version Python 3.11.13 pkg audit -F vulnxml file up-to-date python311-3.11.13_1 is vulnerable: python -- several vulnerabilities CVE: CVE-2025-13836 CVE: CVE-2025-12084 WWW: https://vuxml.freebsd.org/freebsd/613d0f9e-d477-11f0-9e85...
GitHub
github.com › bitnami › containers › issues › 72409
[bitnami/python] : Vulnerability findings in Python 3.10, 3.11 & 3.12 · Issue #72409 · bitnami/containers
September 13, 2024 - Name and Version bitnami/python:3.10, bitnami/python:3.11, bitnami/python:3.12 What architecture are you using? amd64 What steps will reproduce the bug? There are some vulnerability findings I came across while making a regular scan. Rep...
Author msachinraj
Cybersecurity Help
cybersecurity-help.cz › vdb › soft › python_org › python › 3.11.1
Known vulnerabilities in Python.org Python 3.11.1
CVE Details
cvedetails.com › version › 1817938 › Python-Python-3.11.9.html
Python Python 3.11.9 security vulnerabilities, CVEs
Vulnerability statistics provide a quick overview for security vulnerabilities of Python » Python » version 3.11.9.
Readthedocs
python-security.readthedocs.io › vulnerabilities.html
Python Security Vulnerabilities — Python Security 0.0 documentation
The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format.
CVE Details
cvedetails.com › vulnerability-list › vendor_id-10210 › product_id-18230 › version_id-702159 › Python-Python-3.11.0.html
Python Python version 3.11.0 : Security vulnerabilities, CVEs
(The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.) ... The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument.
CVE Details
cvedetails.com › vulnerability-list › vendor_id-10210 › product_id-18230 › Python-Python.html
Python Python : Security vulnerabilities, CVEs
An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte.
dSPACE
dspace.com › en › inc › home › support › patches › suppatchrelease › py311secup.cfm
Python 3.11 Security Update - dSPACE
September 2, 2025 - Installed dSPACE Products might give warnings about incompatible newer versions of Python.