CVE-2023-50447 - Breaking Down the Pillow PIL.ImageMath.eval Arbitrary Code Execution Vulnerability
In December 2023, security researchers revealed a serious vulnerability in the popular Python imaging library Pillow (a fork of PIL). Tracked as CVE-2023-50447, this bug
CVE-2018-25091 - Understanding The urllib3 Cross-Origin Authorization Leak, Fixes, and Exploit Examples
CVE-2018-25091 is a security vulnerability found in the popular Python library, urllib3. This bug exists in versions before 1.24.2 and can cause sensitive
CVE-2023-40217 - Python TLS Client Authentication Vulnerability Explained
In this long-read post, we’re diving deep into CVE-2023-40217, a subtle but important security flaw affecting Python’s SSL handling before Python 3.8.
CVE-2023-41105 - Path Traversal Risk in Python 3.11’s os.path.normpath()—What Developers Must Know
CVE-2023-41105 exposes a subtle but important flaw discovered in Python 3.11 through 3.11.4, specifically in the os.path.normpath() function. This seemingly
CVE-2022-48565 - How a plistlib Bug in Python Led to an XXE Security Vulnerability
In early 2023, security researchers identified a serious vulnerability in Python, specifically in its plistlib module, tracked as CVE-2022-48565. This issue made Python code that