Lucene search
K

9 matches found

OSV
OSV
added 2026/05/08 11:49 a.m.90 views

BIT-PYTHON-2025-12084 Quadratic complexity in node ID cache clearing

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

6.3CVSS6.9AI score0.00708EPSS
Exploits0References15
OSV
OSV
added 2026/03/11 9:32 a.m.6 views

CLSA-2026-1773221551 Fix CVE(s): CVE-2025-12084

SECURITY UPDATE: quadratic complexity in xml.dom.minidom node ID cache clearing leads to denial of service - debian/patches/CVE-2025-12084.patch: Replace quadratic indocument traversal with ownerDocument attribute check in clearidcache; ensure Element and Attr instances have ownerDocument...

6.3CVSS6.7AI score0.00708EPSS
Exploits0References1
OSV
OSV
added 2026/02/16 9:45 a.m.5 views

SUSE-SU-2026:20374-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. - CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length bsc1254400...

7.5CVSS7.1AI score0.01525EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/30 12:0 a.m.5 views

SUSE SLED15: libpython3_11-1_0 / libpython3_11-1_0-32bit / python311 / etc (SUSE-SU-2026:0314-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0314-1 advisory. - CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. -...

7.5CVSS7AI score0.01525EPSS
Exploits0References10
OSV
OSV
added 2026/01/27 10:24 a.m.7 views

CLSA-2026-1769509482 python3.9: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

6.3CVSS6.6AI score0.00708EPSS
Exploits0References1
OSV
OSV
added 2026/01/22 12:29 p.m.5 views

CLSA-2026-1769084959 python3.11: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

6.3CVSS7.1AI score0.00708EPSS
Exploits0References1
OSV
OSV
added 2026/01/21 6:39 p.m.7 views

CLSA-2026-1769020780 python3.9: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

6.3CVSS7.1AI score0.00708EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/01/16 9:19 a.m.4 views

Security update for python

This update for python fixes the following issues: CVE-2025-8291: check validity of the ZIP64 End of Central Directory EOCD in the 'zipfile' module bsc1251305. CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. CVE-2025-13836: prevent reading an HTTP response from a...

6.5CVSS6.9AI score0.01525EPSS
Exploits0References12
FreeBSD
FreeBSD
added 2024/05/23 12:0 a.m.21 views

python -- several vulnerabilities

Hugo van Kemenade reports: Python 3.14.2 and 3.13.11 are now available ... and come with some bonus security fixes. gh-142145: Remove quadratic behavior in node ID cache clearing CVE-2025-12084 gh-119451: Fix a potential denial of service in http.client only in 3.13; CVE-2025-13836 gh-119452: Fix...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References6
Rows per page
Query Builder