2008-Present http://www.cvedetails.com/product/18230/Python-Python.html?vendor_id=10210
There's a download link, but AFAICT not an API On Friday, February 17, 2017, Victor Stinner <victor.stin...@gmail.com> wrote: > Hi, > > I wrote a tool to generate an HTML report on Python security > vulnerabilities. It takes the following YAML file as input: > https://github.com/haypo/python-security/blob/master/vulnerabilities.yml > > And Python release dates, file written manually from Misc/NEWS: > https://github.com/haypo/python-security/blob/master/python_releases.txt > > The output is the HTML page: > http://python-security.readthedocs.io/en/latest/vulnerabilities.html > > For each vulnerability, you have a description and a list of links. > From a list of commits, the tool computes the fixed Python and the > number of days Python was vulnerable. > > Can you please check data of my two input files? > > What do you think of the page? Is it useful? > > TODO: > > * fix render_doc.py to support multiple lines in the table > * add title to links > * find the YAML syntax for "Issue #26657" :-) Current, #xxx is ignored > since it's seen as a comment > * maybe document in the YAML file how the Disclosure date was chosen > > Maybe I should add a "vulnerable" column to list Python versions which > are vulnerable. > > If you consider the data useful and the data are double checked, the > next step will to announce it. > > Later, I plan to slowly fill vulnerabilities.yml with recent > vulnerabilities, and then with older vulnerabilities. > > FYI a few months ago, I generated the page manually, but quickly I > realized that it's painful to compute all data and also to maintain > manually such list. My old page: > http://haypo-notes.readthedocs.io/python_security.html > > Victor > _______________________________________________ > Security-SIG mailing list > Security-SIG@python.org <javascript:;> > https://mail.python.org/mailman/listinfo/security-sig >
_______________________________________________ Security-SIG mailing list Security-SIG@python.org https://mail.python.org/mailman/listinfo/security-sig
