This page lists vulnerability statistics for CVEs published in the last ten years, if any, for Python » Python » 3.12 .

Security vulnerabilities and package health score for wolfi:latest package python-3.12

January 7, 2026 - A chart of which Python versions are safe/unsafe, and their CVSS.

This page lists vulnerability statistics for CVEs published in the last ten years, if any, for Python » Python » 3.12.12 .

This page lists vulnerability statistics for CVEs published in the last ten years, if any, for Python » Python » 3.10.12 .

3.15.0a7 3.12.13 3.11.15 3.10.20 3.15.0a6 3.13.12 3.14.3 3.15.0a5 3.15.0a4 3.15.0a3 3.14.2 3.13.11 3.14.1 3.13.10 3.15.0a2 3.9 3.9.25 3.15.0a1 3.13.9 3.11.14 3.10.19 3.9.24 3.12.12 3.13.8 3.14.0rc3 3.14.0rc2 3.13.7 3.13.6 3.14.0rc1 3.14.0b4 3.14.0 3.14.0b3 3.13.5 3.13.4 3.12.11 3.11.13 3.9.23 3.10.18 3.14.0b2 3.14.0b1 3.14.0a7 3.13.3 3.12.10 3.11.12 3.9.22 3.10.17 3.14.0a6 3.14.0a5 3.14.0a4 3.14.0a3 3.14.0a2 3.14.0a1 3.13.0rc3 3.13.0rc2 3.13.0rc1 3.13.0b4 3.13.0b3 3.13.0b2 3.13.0b1 3.13.0a6 3.13.0a5 3.13.0a4 3.13.0a3 3.13.0a2 3.13.0a1 3.12.0rc3 3.12.0rc2 3.12.0rc1 3.12.0b4 3.12.0b3 3.12.0b2 3.

Vulnerability statistics provide a quick overview for security vulnerabilities of Python » Python » version 3.12.0 alpha1 .

June 4, 2025 - CVE-2024-12718 affects Python 3.12+ tarfile module, allowing privilege escalation and forensic evasion. Learn the risks, fixes, and how Sweet detects it.

September 24, 2024 - The vulnerabilities in Python 3.12 include incorrect handling of IPv4 and IPv6 private ranges (CVE-2024-4032), improper quoting of newlines in email headers within the email module leading to header injection (CVE-2024-6923), and a potential ...

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. ... An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the `extra_groups=` parameter with an empty list as a value (ie `extra_groups=[]`) the logic regressed to not call `setgroups(0, NULL)` before calling `exec()`, thus not dropping the original processes' groups before starting the new process.

I am currently building and deploying an Azure Function using Python 3.12 in a Docker container. Upon running security scans (e.g., with pip-audit and safety), I encountered multiple critical/high vulnerabilities associated with stdlib version 1.20.14,…

The following modules have specific security considerations: base64: base64 security considerations in RFC 4648, hashlib: all constructors take a “usedforsecurity” keyword-only argument disabling k...

An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. ... An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) there are no common scenarios in which an adversary can call _asyncio._swap_current_task but does not already have the ability to call arbitrary functions; and (3) there are no common scenarios in which sensitive information, which is not already accessible to an adversary, becomes accessible through this bug.

April 18, 2025 - As we can see from the trivy output below this image has over a 1000 vulnerabilities including over a 100 high severity or critical vulnerabilities · $ trivy -q image pyapp3-12:0.1 | grep "Total:" | head -1  ✔  0.07s Total: 1441 (UNKNOWN: 87, LOW: 695, MEDIUM: 548, HIGH: 106, CRITICAL: 5) Next, we try the slimmer variant python:3.12-slim base image from dockerhub.

This page lists vulnerability statistics for CVEs published in the last ten years, if any, for Python » Python » 3.12.10 .

3.15.0a6 3.13.12 3.14.3 3.15.0a5 3.15.0a4 3.15.0a3 3.14.2 3.13.11 3.14.1 3.13.10 3.15.0a2 3.9 3.9.25 3.15.0a1 3.13.9 3.11.14 3.10.19 3.9.24 3.12.12 3.13.8 3.14.0rc3 3.14.0rc2 3.13.7 3.13.6 3.14.0rc1 3.14.0b4 3.14.0 3.14.0b3 3.13.5 3.13.4 3.12.11 3.11.13 3.9.23 3.10.18 3.14.0b2 3.14.0b1 3.14.0a7 3.13.3 3.12.10 3.11.12 3.9.22 3.10.17 3.14.0a6 3.14.0a5 3.14.0a4 3.14.0a3 3.14.0a2 3.14.0a1 3.13.0rc3 3.13.0rc2 3.13.0rc1 3.13.0b4 3.13.0b3 3.13.0b2 3.13.0b1 3.13.0a6 3.13.0a5 3.13.0a4 3.13.0a3 3.13.0a2 3.13.0a1 3.12.0rc3 3.12.0rc2 3.12.0rc1 3.12.0b4 3.12.0b3 3.12.0b2 3.12.0b1 3.12.0a7 3.12.0a6 3.12.0a5

Docker Image Scan Results. All known vulnerabilities in library/python:3.12.0. Docker Image vulnerability scanner.

September 13, 2024 - [bitnami/python] : Vulnerability findings in Python 3.10, 3.11 & 3.12#72409 · Copy link · Assignees ·

Multiple vulnerabilities in Oracle Communications Diameter Signaling Router22 Oct, 2025 High Patched · Improper input validation in Python zipfile module14 Oct, 2025 Medium Patched