Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-6069

Опубликовано: 17 июн. 2025
Источник: debian

Описание

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python3.13fixed3.13.6-1package
python3.13no-dsatrixiepackage
python3.12removedpackage
python3.11removedpackage
python3.11no-dsabookwormpackage
python3.9removedpackage
python3.9postponedbullseyepackage
python2.7removedpackage
python2.7end-of-lifebullseyepackage
pypy3unfixedpackage
pypy3no-dsatrixiepackage
pypy3no-dsabookwormpackage
pypy3postponedbullseyepackage
jythonunfixedpackage
jythonno-dsatrixiepackage
jythonno-dsabookwormpackage
jythonend-of-lifebullseyepackage

Примечания

  • https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/

  • https://github.com/python/cpython/issues/135462

  • https://github.com/python/cpython/pull/135464

  • https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41 (main)

  • https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b (v3.14.0b3)

  • https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949 (v3.13.6)

  • https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5 (v3.12.12)

  • https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc (v3.11.14)

  • https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49 (v3.9.24)

Связанные уязвимости

ubuntu логотип

CVE-2025-6069

CVSS3: 4.3
ubuntu
5 месяцев назад

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

redhat логотип

CVE-2025-6069

CVSS3: 4.3
redhat
5 месяцев назад

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

nvd логотип

CVE-2025-6069

CVSS3: 4.3
nvd
5 месяцев назад

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

msrc логотип

CVE-2025-6069

CVSS3: 4.3
msrc
4 месяца назад

HTMLParser quadratic complexity when processing malformed inputs

suse-cvrf логотип

SUSE-SU-2025:02597-1

suse-cvrf
3 месяца назад

Security update for python310