GCVE - cpe:2.3:a:python:python:3.10.0:alpha5:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:python:python:3.10.0:alpha5:*:*:*:*:*:*

part: a version: 3.10.0 update: alpha5

Vendor	Python (`b57ad93a-6195-5192-9423-6cfad6044a8b`)
Product	Python (`fc328eef-0a85-5ddb-b629-b8866ec518c8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/python`	purl2cpe	2026-06-01 10:16:29.242676
`pkg:github/python/cpython`	purl2cpe	2026-06-01 10:16:29.242678
`pkg:python/python`	purl2cpe	2026-06-01 10:16:29.242679
`pkg:rpm/opensuse/python`	purl2cpe	2026-06-01 10:16:29.242680

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-0391`	vulnerable	2026-06-03 14:45:56.085811	Details available A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. Published: 2022-02-09T00:00:00.000Z Updated: 2025-12-17T20:58:43.991Z Open on db.gcve.eu Reference links https://bugs.python.org/issue43882 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/ https://www.oracle.com/security-alerts/cpuapr2022.html https://security.netapp.com/advisory/ntap-20220225-0009/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-3426`	vulnerable	2026-06-03 14:45:10.536583	Details available There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. Published: 2021-05-20T00:00:00.000Z Updated: 2025-12-18T11:45:56.551Z Open on db.gcve.eu Reference links https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.