Ibb-python


reports in last 90 days

40

disclosed resolved issues

0

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

| Severity | Bug Title | Bug Type | Found By | Report Info | Report Status |
|---|---|---|---|---|---|
| Low | XML hash collision DoS vulnerability in Python's xml.etree module | Denial of Service | tiran | Issue was not triaged; Time to close: 9 Days and 16 hours | Resolved |
| Low | Unsafe arithmetic in PyString_DecodeEscape | Integer Overflow | jaybosamiya | Issue was not triaged; Time to close: 22 Days and 20 hours | Resolved |
| Medium | chain.__setstate__ Type Confusion | Memory Corruption - Generic | johnleitch | Issue was not triaged; Time to close: 53 Days and 11 hours | Resolved |
| Low | Type confusion in FutureIter_throw() which may potentially lead to an arbitrary code execution | Code Injection | artem | Issue was not triaged; Time to close: 18 Days and 22 hours | Resolved |
| Critical | LZMADecompressor.decompress Use After Free | Memory Corruption - Generic | johnleitch | Issue was not triaged; Time to close: 66 Days and 14 hours | Resolved |
| No rating | Type confusion in partial.setstate, partial_repr, partial_call leads to memory corruption, reliable control flow hijack | Code Injection | nedw | Issue was not triaged; Time to close: 43 Days and 2 hours | Resolved |
| No rating | msilib.OpenDatabase Type Confusion | Code Injection | johnleitch | Issue was not triaged; Time to close: 7 Days and 23 hours | Resolved |
| No rating | urllib HTTP header injection CVE-2016-5699 | None supplied | guido | Issue was not triaged; Time to close: 0 Days and 0 hours | Resolved |
| No rating | CVE-2016-0772 - python: smtplib StartTLS stripping attack | Cryptographic Issues - Generic | hxd | Issue was not triaged; Time to close: 46 Days and 19 hours | Resolved |
| No rating | Heap corruption via Python 2.7.11 IOBase readline() | Memory Corruption - Generic | guido | Issue was not triaged; Time to close: 22 Days and 12 hours | Resolved |
| No rating | Python 2.7 strop.replace Integer Overflow | Memory Corruption - Generic | johnleitch | Issue was not triaged; Time to close: 19 Days and 15 hours | Resolved |
| No rating | audioop.lin2adpcm Buffer Over-read | None supplied | johnleitch | Issue was not triaged; Time to close: 11 Days and 0 hours | Resolved |
| No rating | audioop.adpcm2lin Buffer Over-read | None supplied | johnleitch | Issue was not triaged; Time to close: 13 Days and 0 hours | Resolved |
| No rating | hotshot pack_string Heap Buffer Overflow | None supplied | johnleitch | Issue was not triaged; Time to close: 7 Days and 0 hours | Resolved |
| No rating | bytearray.find Buffer Over-read | None supplied | johnleitch | Issue was not triaged; Time to close: 12 Days and 0 hours | Resolved |
| No rating | array.fromstring Use After Free | None supplied | johnleitch | Issue was not triaged; Time to close: 13 Days and 0 hours | Resolved |
| No rating | use after free in load_newobj_ex | None supplied | tukan | Issue was not triaged; Time to close: 0 Days and 0 hours | Resolved |
| No rating | PyFloat_FromString & PyNumber_Long Buffer Over-reads | None supplied | johnleitch | Issue was not triaged; Time to close: 94 Days and 0 hours | Resolved |
| No rating | tokenizer crash when processing undecodable source code | None supplied | androm3da | Issue was not triaged; Time to close: 32 Days and 0 hours | Resolved |
| No rating | Integer overflow in _Unpickler_Read | None supplied | hugbounter | Issue was not triaged; Time to close: 0 Days and 0 hours | Resolved |
| No rating | Python 3.3 - 3.5 product_setstate() Out-of-bounds Read | None supplied | johnleitch | Issue was not triaged; Time to close: 4 Days and 0 hours | Resolved |
| No rating | Python xmlparse_setattro() Type Confusion | None supplied | johnleitch | Issue was not triaged; Time to close: 0 Days and 0 hours | Resolved |
| No rating | time_strftime() Buffer Over-read | None supplied | johnleitch | Issue was not triaged; Time to close: 16 Days and 0 hours | Resolved |
| No rating | Python scan_eol() Buffer Over-read | None supplied | johnleitch | Issue was not triaged; Time to close: 1 Days and 0 hours | Resolved |
| No rating | Python deque.index() uninitialized memory | None supplied | johnleitch | Issue was not triaged; Time to close: 13 Days and 0 hours | Resolved |