idna
PyPI2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting idnapage 1 of 1
- CVE-2024-3651HIGHCVSS 7.5EG 7.5✓ Fixed in 3.72024-07-07
vulnerable: 0.1 ... v0.2 (54 versions)
A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity…
- CVE-2026-45409MEDIUMCVSS 5.3EG 5.3✓ Fixed in 3.152026-05-19
vulnerable: 0.1 ... 3.9 (37 versions)
Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * …
Check whether idna is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for idna CVEs against the assets you own.
Start Free Scan →