python: The zipfile module is vulnerable to zip-bombs leading to denial of service

A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed...

GHSA-JFMJ-5V4G-7637 zipp Denial of Service vulnerability

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

zipp Denial of Service vulnerability

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

AZL-43189 CVE-2024-5569 affecting package tensorflow for versions less than 2.16.1-9

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

DEBIAN-CVE-2024-5569

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

AZL-43198 CVE-2024-5569 affecting package python-zipp for versions less than 3.17.0-3

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

UBUNTU-CVE-2024-5569

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

CVE-2024-5569

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

CVE-2024-5569

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

RHEL 8 : python3 (RHSA-2024:4406)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4406 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

PT-2024-5225

Name of the Vulnerable Software and Affected Versions: jaraco/zipp versions prior to 3.19.1 Description: A Denial of Service DoS issue exists in the jaraco/zipp library, triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile modu...

CLSA-2024-1720178532 python3: Fix of 2 CVEs

CVE-2023-6597: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2024-0450: Make zipfile module reject zip archives which overlap entries in the archive. Prevent “quoted-overlap” zip-bombs exploit...

CLSA-2024-1720178375 python2: Fix of CVE-2024-0450

CVE-2024-0450: Make zipfile module reject zip archives which overlap entries in the archive. Prevent “quoted-overlap” zip-bombs exploit...

CBL Mariner 2.0 Security Update: python3 (CVE-2024-0450)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0450 advisory. - An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and...

python: The zipfile module is vulnerable to zip-bombs leading to denial of service

A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed...

python3.9 security update

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language...

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Rocky Linux 9 : python3.9 (RLSA-2024:4078)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4078 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of service...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1861)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : python3 (EulerOS-SA-2024-1861)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.The...