Astra Linux - vulnerability in python3.11, python2.7, python3.7
There is a medium-severity vulnerability affecting CPython. Regular expressions that allow excessive backtracking during the tarfile.TarFile header parsing are vulnerable to ReDoS through specifically crafted tar archives...
Siemens Ruggedcom ROX Inefficient Regular Expression Complexity (CVE-2024-6232)
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. This plugin only works with Tenable.ot. Please visit...
BIT-LIBPYTHON-2024-6232 Regular-expression DoS when parsing TarFile headers
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives...
TencentOS Server 3: python3.11 (TSSA-2024:0800)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0800 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 2: python3 (TSSA-2025:0171)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0171 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
CLSA-2025-1740477793 python3.11: Fix of CVE-2024-6232
CVE-2024-6232: fix excessive backtracking in tarfile.TarFile header parsing to address ReDoS vulnerability...
USN-7015-4: Python vulnerability
USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2023-27043 for python2.7 and python3.5 in Ubuntu 14.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special...
CLSA-2024-1728581056 python3: Fix of 2 CVEs
CVE-2024-6232: remove backtracking when parsing tarfile headers - CVE-2024-7592: fix quadratic complexity in parsing '-quoted' cookie values with backslashes...
CLSA-2024-1728071284 python: Fix of 2 CVEs
CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value - CVE-2024-6232: fix regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing and were vulnerable to ReDoS via specifically-crafted tar...
CLSA-2024-1727289456 python: Fix of CVE-2024-6232
CVE-2024-6232: fixed regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing and were vulnerable to ReDoS via specifically-crafted tar archives...
CLSA-2024-1727289133 python3: Fix of 2 CVEs
CVE-2024-6232: remove backtracking when parsing tarfile headers - CVE-2024-7592: fix quadratic complexity in parsing "-quoted cookie values with backslashes...
Fedora 40 : python3.8 (2024-6dedbc5cf9)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6dedbc5cf9 advisory. This is a security release of Python 3.11. Note: The release you're looking at is Python 3.11.10, a securit...
Fedora 40 : python3-docs / python3.12 (2024-1d0cb3b43f)
The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-1d0cb3b43f advisory. This is the sixth maintenance release of Python 3.12. Python 3.12 is the newest major release of...
PT-2024-7545
Name of the Vulnerable Software and Affected Versions: CPython (affected versions not specified). Description: The issue is related to regular expressions used in tarfile.TarFile header parsing, which can cause excessive backtracking and are vulnerable to ReDoS via specifically-crafted tar archives...