Python : Security Vulnerabilities, CVEs, Published In 2016 (Code Execution) CVSS score >= 2

CVE-2016-9190

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component.
Max CVSS
7.8
EPSS Score
0.34%
Published
2016-11-04
Updated
2017-07-01

CVE-2016-4472

The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
Max CVSS
8.1
EPSS Score
1.37%
Published
2016-06-30
Updated
2023-02-12

CVE-2016-0718

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Max CVSS
9.8
EPSS Score
0.81%
Published
2016-05-26
Updated
2023-02-12
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close