Skip to content

Navigation Menu

Sign in

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Issues: python/cpython

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
91 Open 1,146 Closed
91 Open 1,146 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

[3.9] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) awaiting review type-security A security issue
#134481 opened May 22, 2025 by miss-islington Loading…
[3.10] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) awaiting review type-security A security issue
#134480 opened May 22, 2025 by miss-islington Loading…
[3.11] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) awaiting review type-security A security issue
#134479 opened May 22, 2025 by miss-islington Loading…
[3.12] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) awaiting review type-security A security issue
#134478 opened May 22, 2025 by miss-islington Loading…
[3.9] gh-133767: Fix use-after-free in the unicode-escape decoder with an error handler (GH-129648) (GH-133944) awaiting core review type-security A security issue
#134346 opened May 20, 2025 by serhiy-storchaka Loading…
[3.10] gh-133767: Fix use-after-free in the unicode-escape decoder with an error handler (GH-129648) (GH-133944) awaiting core review type-security A security issue
#134345 opened May 20, 2025 by serhiy-storchaka Loading…
[3.11] gh-133767: Fix use-after-free in the unicode-escape decoder with an error handler (GH-129648) (GH-133944) awaiting core review type-security A security issue
#134341 opened May 20, 2025 by serhiy-storchaka Loading…
[3.12] gh-133767: Fix use-after-free in the unicode-escape decoder with an error handler (GH-129648) (GH-133944) awaiting core review type-security A security issue
#134337 opened May 20, 2025 by serhiy-storchaka Loading…
[3.12] Fix use-after-free in the unicode-escape decoder with error handler (GH-133767) awaiting review topic-unicode type-crash A hard crash of the interpreter, possibly with a core dump type-security A security issue
#134255 opened May 19, 2025 by mcepl Loading…
Excessive hash collisions in IPv4Network and IPv6Network classes stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error type-security A security issue
#134062 opened May 15, 2025 by mssalvatore
1
Use-after-free in unicode_escape decoder with error handler 3.9 only security fixes 3.10 only security fixes 3.11 only security fixes 3.12 only security fixes 3.13 bugs and security fixes 3.14 bugs and security fixes 3.15 new features, bugs and security fixes interpreter-core (Objects, Python, Grammar, and Parser dirs) release-blocker topic-unicode type-crash A hard crash of the interpreter, possibly with a core dump type-security A security issue
#133767 opened May 9, 2025 by sethmlarson
@serhiy-storchaka
1
Report of Open Redirect Vulnerability in Python 3.9.19 - Utilizing Simple HTTP 3.9 only security fixes 3.10 only security fixes 3.11 only security fixes 3.12 only security fixes 3.13 bugs and security fixes 3.14 bugs and security fixes pending The issue will be closed if no feedback is provided stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error type-security A security issue
#132826 opened Apr 23, 2025 by hnagashimauu
4
[3.9] gh-80222: Fix email address header folding with long quoted-string (GH-122753) (GH-129111) awaiting merge topic-email type-security A security issue
#132371 opened Apr 10, 2025 by brianschubert Loading…
1
Add OpenSSL 3.5 support to CPython infrastructure build The build process and cross-build extension-modules C modules in the Modules dir topic-SSL type-feature A feature request or enhancement type-security A security issue
#132339 opened Apr 10, 2025 by scw
1
gh-128840: Limit the number of parts in IPv6 address parsing awaiting merge needs backport to 3.9 only security fixes needs backport to 3.10 only security fixes needs backport to 3.11 only security fixes needs backport to 3.12 only security fixes needs backport to 3.13 bugs and security fixes needs backport to 3.14 bugs and security fixes type-security A security issue
#128841 opened Jan 14, 2025 by sethmlarson Loading…
12
IPv6 address parsing doesn't limit buffer size stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error type-security A security issue
#128840 opened Jan 14, 2025 by sethmlarson
1
TarFile.extractall(..., filter='tar') arbitrary file chmod 3.9 only security fixes 3.10 only security fixes 3.11 only security fixes 3.12 only security fixes 3.13 bugs and security fixes 3.14 bugs and security fixes stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error type-security A security issue
#127987 opened Dec 16, 2024 by jwilk
4
Reconsider XML Security warnings / obsolete vulnerabilities docs Documentation in the Doc dir topic-XML type-security A security issue
#127502 opened Dec 2, 2024 by hannob
Ensure builtin hashlib implementations honor usedforsecurity=True when _hashlib is in FIPS mode extension-modules C modules in the Modules dir topic-SSL type-feature A feature request or enhancement type-security A security issue
#127298 opened Nov 26, 2024 by xnox
3
Update SBOM generation to meet new guidance from CISA type-security A security issue
#123038 opened Aug 15, 2024 by sethmlarson
8 tasks
@sethmlarson
1
Missing audit events for python -i and python -m asyncio 3.8 (EOL) end of life 3.9 only security fixes 3.10 only security fixes 3.11 only security fixes 3.12 only security fixes 3.13 bugs and security fixes 3.14 bugs and security fixes topic-repl Related to the interactive shell type-security A security issue
#121957 opened Jul 18, 2024 by ambv
@ambv
1
Disallow setting an empty list for NPN in CPython 3.9 and earlier 3.8 (EOL) end of life 3.9 only security fixes type-security A security issue
#121227 opened Jul 1, 2024 by sethmlarson
1
gh-119452: Fix OOM vulnerability in http.server needs backport to 3.9 only security fixes needs backport to 3.10 only security fixes needs backport to 3.11 only security fixes needs backport to 3.12 only security fixes needs backport to 3.13 bugs and security fixes needs backport to 3.14 bugs and security fixes type-security A security issue
#119455 opened May 23, 2024 by serhiy-storchaka Draft
2
gh-119451: Fix OOM vulnerability in http.client needs backport to 3.9 only security fixes needs backport to 3.10 only security fixes needs backport to 3.11 only security fixes needs backport to 3.12 only security fixes needs backport to 3.13 bugs and security fixes needs backport to 3.14 bugs and security fixes type-security A security issue
#119454 opened May 23, 2024 by serhiy-storchaka Draft
2
OOM vulnerability in the CGI server on Windows 3.8 (EOL) end of life 3.9 only security fixes 3.10 only security fixes 3.11 only security fixes 3.12 only security fixes 3.13 bugs and security fixes 3.14 bugs and security fixes stdlib Python modules in the Lib dir topic-IO type-security A security issue
#119452 opened May 23, 2024 by serhiy-storchaka
3
ProTip! Mix and match filters to narrow down what you’re looking for.
Morty Proxy This is a proxified and sanitized view of the page, visit original site.