Python 3.15.0 Alpha 2
Approved changes feed: RSS · Atom
cpe:2.3:a:python:python:3.15.0:alpha2:*:*:*:*:*:*
part: a version: 3.15.0 update: alpha2
| Vendor | Python (b57ad93a-6195-5192-9423-6cfad6044a8b) |
|---|---|
| Product | Python (fc328eef-0a85-5ddb-b629-b8866ec518c8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/python |
purl2cpe | 2026-06-01 10:16:29.359858 |
pkg:github/python/cpython |
purl2cpe | 2026-06-01 10:16:29.359859 |
pkg:python/python |
purl2cpe | 2026-06-01 10:16:29.359860 |
pkg:rpm/opensuse/python |
purl2cpe | 2026-06-01 10:16:29.359862 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-4519 |
vulnerable | 2026-06-03 15:26:25.613430 |
webbrowser.open() allows leading dashes in URLs
The webbrowser.open() API would accept leading dashes in the URL which
could be handled as command line options for certain web browsers. New
behavior rejects leading dashes. Users are recommended to sanitize URLs
prior to passing to webbrowser.open().
Published: 2026-03-20T15:08:32.576Z
Updated: 2026-04-13T21:47:40.137Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13837 |
vulnerable | 2026-06-03 14:58:53.763120 |
Out-of-memory when loading Plist
When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues
Published: 2025-12-01T18:13:32.739Z
Updated: 2026-03-03T14:41:54.597Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13836 |
vulnerable | 2026-06-03 14:58:53.762369 |
Excessive read buffering DoS in http.client
When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.
Published: 2025-12-01T18:02:38.483Z
Updated: 2026-03-03T14:41:48.702Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12084 |
vulnerable | 2026-06-03 14:58:43.770703 |
Quadratic complexity in node ID cache clearing
When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.
Published: 2025-12-03T18:55:32.222Z
Updated: 2026-03-03T14:41:38.821Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.