Количество 25
Количество 25
BDU:2025-09994
Уязвимость интерпретатора языка программирования Python (CPython), связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
ROS-20250925-04
Множественные уязвимости python3
ROS-20250925-03
Множественные уязвимости python3.10
ROS-20250925-02
Множественные уязвимости python3.11
ROS-20250925-01
Множественные уязвимости python3.12
CVE-2025-4435
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped.
CVE-2025-4435
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped.
CVE-2025-4435
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped.
CVE-2025-4435
Tarfile extracts filtered members when errorlevel=0
CVE-2025-4435
When using a TarFile.errorlevel = 0and extracting with a filter the do ...
GHSA-p72v-37h5-753v
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped.
SUSE-SU-2025:02767-1
Security update for python313
SUSE-SU-2025:02717-1
Security update for python311
RLSA-2025:10140
Important: python3.12 security update
RLSA-2025:10031
Important: python3.12 security update
RLSA-2025:10026
Important: python3.11 security update
ELSA-2025-10189
ELSA-2025-10189: python3.12 security update (IMPORTANT)
ELSA-2025-10148
ELSA-2025-10148: python3.11 security update (IMPORTANT)
ELSA-2025-10140
ELSA-2025-10140: python3.12 security update (IMPORTANT)
ELSA-2025-10136
ELSA-2025-10136: python3.9 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-09994 Уязвимость интерпретатора языка программирования Python (CPython), связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю оказать воздействие на целостность защищаемой информации | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | ROS-20250925-04 Множественные уязвимости python3 | CVSS3: 9.4 | около 1 месяца назад | |
| ROS-20250925-03 Множественные уязвимости python3.10 | CVSS3: 9.4 | около 1 месяца назад | |
| ROS-20250925-02 Множественные уязвимости python3.11 | CVSS3: 9.4 | около 1 месяца назад | |
| ROS-20250925-01 Множественные уязвимости python3.12 | CVSS3: 9.4 | около 1 месяца назад | |
 | CVE-2025-4435 When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped. | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-4435 When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped. | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-4435 When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped. | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-4435 Tarfile extracts filtered members when errorlevel=0 | CVSS3: 6.5 | 0% Низкий | 2 месяца назад |
| CVE-2025-4435 When using a TarFile.errorlevel = 0and extracting with a filter the do ... | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
| GHSA-p72v-37h5-753v When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped. | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | SUSE-SU-2025:02767-1 Security update for python313 | 3 месяца назад | ||
| SUSE-SU-2025:02717-1 Security update for python311 | 3 месяца назад | ||
 | RLSA-2025:10140 Important: python3.12 security update | около 1 месяца назад | ||
| RLSA-2025:10031 Important: python3.12 security update | 3 месяца назад | ||
| RLSA-2025:10026 Important: python3.11 security update | 3 месяца назад | ||
| ELSA-2025-10189 ELSA-2025-10189: python3.12 security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-10148 ELSA-2025-10148: python3.11 security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-10140 ELSA-2025-10140: python3.12 security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-10136 ELSA-2025-10136: python3.9 security update (IMPORTANT) | 4 месяца назад |
Уязвимостей на страницу