CVE Details
cvedetails.com › version › 1371187 › Python-Python-3.12.html
Python Python 3.12 security vulnerabilities, CVEs
Python Python version 3.12 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references
Critical Vulnerabilities in Python 3.12 stdlib on Azure Functions Docker Image
I am currently building and deploying an Azure Function using Python 3.12 in a Docker container. Upon running security scans (e.g., with pip-audit and safety), I encountered multiple critical/high vulnerabilities associated with stdlib version 1.20.14,… More on learn.microsoft.com
[bitnami/python] : Vulnerability findings in Python 3.10, 3.11 & 3.12
Name and Version bitnami/python:3.10, bitnami/python:3.11, bitnami/python:3.12 What architecture are you using? amd64 What steps will reproduce the bug? There are some vulnerability findings I came across while making a regular scan. Rep... More on github.com
Update Python to Version 3.12
It appears that the current Python version used in the MSC project is vulnerable to a number of high severity security issues that have been disclosed to the public. To address these vulnerabilities, I propose bumping the Python version to 3.12, which includes patches for these CVEs. More on github.com
[deleted by user]
Few ways:
- update the base image if possible. Idk if python:3.10-slim is a latest-style tag or if subversions exist?
- use the image package manager to install the fix yourself
- uninstall the affected package entirely if you are not using it
- if you are not using the package and it’s installed by default, look for a less bloated image
More on reddit.com
Reddit
reddit.com › r/python › corporate it have banned all versions of python lower than the latest
r/Python on Reddit: Corporate IT have banned all versions of python lower than the latest
November 21, 2023 -
I.e. right now they are insisting we use v3.12 only because older versions have some vulnerabilities their scanner picked up.
I need to somehow explain that this is a terrible idea and that many packages won't support the most up to date version without causing them to panic and overstep even more.
This requirement is company wide (affects development, data science and analytics).
Edit - thanks for all the advice, I think the crux is that they don't understand how the versioning works and are confusing major and minor versions. I will explain this and hopefully we will be able to use the latest minor versions for 3.11/3.10/3.9
Top answer 1 of 5
707
Don't know what your environments look like, but we upgraded almost all of ours to 3.12, I would definitely recommend it. Most packages are already up to date. That being said, if IT doesn't understand why you might need to run 3.11 for some packages, can't you simply provide them a list of the packages that don't support 3.12 and tell them you'll upgrade those systems when their dependencies catch up?
2 of 5
159
And yet some corporate IT have also banned all Python newer than 2.7.
CVE Details
cvedetails.com › version › 2065837 › Python-Python-3.12.12.html
Python Python 3.12.12 security vulnerabilities, CVEs
Python Python version 3.12.12 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references
CVE Details
cvedetails.com › version › 1661684 › Python-Python-3.10.12.html
Python Python 3.10.12 security vulnerabilities, CVEs
Python Python version 3.10.12 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references
Vulert
vulert.com › vuln-db › almalinux-8-python3-12-171556
Security Update for Python 3.12: Addressing Multiple Vulnerabilities
September 24, 2024 - The vulnerabilities in Python 3.12 include incorrect handling of IPv4 and IPv6 private ranges (CVE-2024-4032), improper quoting of newlines in email headers within the email module leading to header injection (CVE-2024-6923), and a potential ...
Medium
medium.com › @maninder.bindra › vulnerability-analysis-of-python-base-container-images-for-a-flask-gunicorn-application-e7e45176cf4b
Vulnerability analysis of python base container images for a flask/gunicorn application | by Maninderjit (Mani) Bindra | Medium
April 18, 2025 - As we can see from the trivy output below, this image has over 1000 vulnerabilities, including over 100 high severity or critical vulnerabilities.
$ trivy -q image pyapp3-12:0.1 | grep "Total:" | head -1
Total: 1441 (UNKNOWN: 87, LOW: 695, MEDIUM: 548, HIGH: 106, CRITICAL: 5)
Next, we try the slimmer variant python:3.12-slim base image from dockerhub.
Cybersecurity Help
cybersecurity-help.cz › vdb › soft › python_org › python › 3.12.3
Known vulnerabilities in Python.org Python 3.12.3
NIST
nvd.nist.gov › products › cpe › detail › 1344009
NVD - Detail - cpe:2.3:a:python:python:3.12:*:*:*:*:*:*:*
python · Version: 3.12 · Created On: 02/24/2023 · Last Modified On: 12/08/2023 · View Vulnerabilities
Vulert
vulert.com › vuln-db › rocky-linux-9-python3-12-150458
Moderate Vulnerability in Python 3.12: Email Module Header Injection
September 17, 2024 - The vulnerability arises from the email module in Python 3.12, which fails to properly quote newlines in email headers. This oversight allows for header injection attacks, where an attacker can manipulate email headers to execute malicious actions ...
GitHub
github.com › bitnami › containers › issues › 72409
[bitnami/python] : Vulnerability findings in Python 3.10, 3.11 & 3.12 · Issue #72409 · bitnami/containers
September 13, 2024 - Name and Version bitnami/python:3.10, bitnami/python:3.11, bitnami/python:3.12 What architecture are you using? amd64 What steps will reproduce the bug? There are some vulnerability findings I came across while making a regular scan. Rep...
Author msachinraj
Sliplane
sliplane.io › tools › cve › library › python:3.12.0
Known Vulnerabilities (CVE) in library/python:3.12.0 | Sliplane.io
Docker Image Scan Results. All known vulnerabilities in library/python:3.12.0. Docker Image vulnerability scanner.
GitHub
github.com › munki › munki › issues › 1204
Update Python to Version 3.12 · Issue #1204 · munki/munki
February 20, 2024 - It appears that the current Python version used in the MSC project is vulnerable to a number of high severity security issues that have been disclosed to the public. To address these vulnerabilities, I propose bumping the Python version to 3.12, which includes patches for these CVEs.
Author skargbo
CVE Details
cvedetails.com › version › 2065835 › Python-Python-3.12.10.html
Python Python 3.12.10 security vulnerabilities, CVEs
Python Python version 3.12.10 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references
CVE Details
cvedetails.com › vulnerability-list › vendor_id-10210 › product_id-18230 › Python-Python.html
Python Python : Security vulnerabilities, CVEs
(The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.) ... An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) there are no common scenarios in which an adversary can call _asyncio._swap_current_task but does not already have the ability to call arbitrary functions; and (3) there are no common scenarios in which sensitive information, which is not already accessible to an adversary, becomes accessible through this bug.