Description
If the value passed to os.path.expandvars() is user-controlled, a performance degradation is possible when expanding environment variables.

os.path.expandvars() exhibits quadratic time complexity when it processes specially crafted, user-controlled input containing many repeated or nested environment variable references. The result is excessive CPU usage and a potential denial of service (DoS). No code execution or data exposure occurs, so the impact is limited to a performance slowdown.
Statement
Red Hat rates this vulnerability Low rather than Moderate because it causes only a performance inefficiency and does not affect code execution, data integrity, or confidentiality. The flaw is in the algorithmic complexity of os.path.expandvars(), which becomes quadratic on crafted input containing many repeated or nested environment variable references. Exploitation requires the attacker to control the template string passed to this function, which is uncommon in well-designed applications. The impact is limited to increased CPU utilization and slowdown, not system compromise or data manipulation. Because the issue involves no memory corruption, privilege escalation, or information disclosure, its impact scope and exploitability are minimal, justifying the Low severity rating.
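The advisory does not say how a caller should bound the input. The following is an added example, not CPython's code and not Red Hat guidance. In the affected posixpath implementation every successful substitution rebuilds the whole string, so a template with n references to a defined variable costs O(n^2); the example rejects oversized templates before any expansion work and expands the rest in a single re.sub() pass, which is linear in the output size. The limits, the variable name GR_EX_V and the sample templates are assumptions chosen for illustration.

```python
"""Added example (not CPython or Red Hat code): bound what reaches
os.path.expandvars() and expand untrusted templates in a single pass.

The affected posixpath implementation rebuilds the whole string after
every successful substitution, so a template holding n references to
a defined variable costs O(n^2). Two defences are shown:
  1. reject oversized templates before doing any expansion work;
  2. expand with one re.sub() pass, which is linear in the output size.
"""
import os
import posixpath
import re
import time

# Same token grammar posixpath.expandvars() accepts: $NAME or ${NAME}.
_VAR_RE = re.compile(r"\$(\w+|\{[^}]*\})", re.ASCII)

# Assumed limits; tune them for the application that consumes the template.
MAX_TEMPLATE_LEN = 4096
MAX_REFERENCES = 64


class TemplateTooLarge(ValueError):
    """Raised before any expansion work is done."""


def count_references(template: str) -> int:
    """Number of $NAME / ${NAME} tokens in the template (defined or not)."""
    return sum(1 for _ in _VAR_RE.finditer(template))


def safe_expandvars(template: str, env=None, *,
                    max_len=MAX_TEMPLATE_LEN, max_refs=MAX_REFERENCES) -> str:
    """Expand $NAME and ${NAME} from `env` (default: os.environ).

    Semantics match posixpath.expandvars(): unknown names are left as-is
    and substituted values are not expanded again. Unlike the affected
    implementation, the result is assembled once by re.sub(), so the cost
    is linear in len(template) plus the total substituted length.
    Pass max_len=None / max_refs=None to disable a limit.
    """
    if env is None:
        env = os.environ
    if max_len is not None and len(template) > max_len:
        raise TemplateTooLarge(
            f"template is {len(template)} chars, limit is {max_len}")
    if "$" not in template:
        return template
    if max_refs is not None:
        refs = count_references(template)
        if refs > max_refs:
            raise TemplateTooLarge(
                f"template has {refs} variable references, limit is {max_refs}")

    def repl(match: re.Match) -> str:
        name = match.group(1)
        if name.startswith("{") and name.endswith("}"):
            name = name[1:-1]
        value = env.get(name)
        # Unknown variable: keep the token verbatim, as the stdlib does.
        return match.group(0) if value is None else value

    return _VAR_RE.sub(repl, template)


def pathological_template(n: int, name: str = "GR_EX_V") -> str:
    """Constructed attacker input: n references to one defined variable.

    Every reference resolves, so the unfixed loop copies the growing
    string n times. GR_EX_V is an assumed variable name used only here.
    """
    return ("${" + name + "}") * n


def agrees_with_posixpath(template: str, name: str = "GR_EX_V",
                          value: str = "v") -> bool:
    """Cross-check the single-pass expansion against the stdlib on a
    small template, with the assumed variable set in the process env."""
    os.environ[name] = value
    return posixpath.expandvars(template) == safe_expandvars(template)


if __name__ == "__main__":
    os.environ["GR_EX_V"] = "v"
    for n in (5_000, 10_000, 20_000):
        tpl = pathological_template(n)
        t0 = time.perf_counter()
        posixpath.expandvars(tpl)          # quadratic on unfixed Pythons
        t1 = time.perf_counter()
        safe_expandvars(tpl, max_len=None, max_refs=None)
        t2 = time.perf_counter()
        print(f"n={n:6d}  posixpath.expandvars {t1 - t0:7.3f}s"
              f"  safe_expandvars {t2 - t1:7.3f}s")
```

Run the module directly to see the timing comparison; on a Python that already carries the fix the two columns will be close, which is itself a useful check of whether your interpreter is affected. In application code, keep the length and reference caps on: they stop the attack before any work is done, and the single-pass expansion is a second line of defence for templates that pass them.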
Mitigation
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
Affected Packages
| Platform | Package | State | Errata | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | firefox | Fix deferred | | |
| Red Hat Enterprise Linux 10 | python3.12 | Fix deferred | | |
| Red Hat Enterprise Linux 6 | python | Fix deferred | | |
| Red Hat Enterprise Linux 7 | firefox | Fix deferred | | |
| Red Hat Enterprise Linux 7 | python | Fix deferred | | |
| Red Hat Enterprise Linux 7 | python3 | Fix deferred | | |
| Red Hat Enterprise Linux 8 | firefox | Fix deferred | | |
| Red Hat Enterprise Linux 8 | python3 | Fix deferred | | |
| Red Hat Enterprise Linux 8 | python3.11 | Fix deferred | | |
| Red Hat Enterprise Linux 8 | python3.12 | Fix deferred | | |
Additional information
EPSS
4 Medium
CVSS3
Related vulnerabilities
Quadratic complexity in os.path.expandvars() with user-controlled template