Canonical list of Python security vulnerabilities

Dieter Maurer dieter at handshake.de
Sat Jul 15 13:02:16 EDT 2023


Bob Kline wrote at 2023-7-14 13:35 -0400:
>Can someone point me to the official catalog of security vulnerabilities in
>Python (by which I mean cpython and the standard libraries)? I found
>https://www.cvedetails.com/vulnerability-list/vendor_id-10210/product_id-18230/Python-Python.html
>but that isn't maintained by python.org.

I am active in the `Zope` community (a web application server
based on Python). This community has a security mailing list
for security-related reports
and issues public CVE (= "Common Vulnerabilities and Exposures") reports
(via a "GitHub" service) as soon as a security risk has been resolved.

I expect that security risks for Python itself are handled in
a similar way (as Python, too, maintains its code on "GitHub").
This means that the CVE dictionary should contain **ALL**
publicly announced security risk reports whether found by
the Python community or packagers.

For details about CVE, read
"https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures".

