Количество 35
Количество 35
BDU:2026-00313
Уязвимость модуля zipfile интерпретатора языка программирования Python (CPython), позволяющая нарушителю оказать воздействие на целостность защищаемой информации
ROS-20251223-7310
Уязвимость python3.13
ROS-20251223-7309
Уязвимость python3.11
ROS-20251223-7308
Уязвимость python3.10
ROS-20251223-7307
Уязвимость python3
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
CVE-2025-8291
ZIP64 End of Central Directory (EOCD) Locator record offset not checked
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of ...
SUSE-SU-2025:4313-1
Security update for python
RLSA-2025:23940
Moderate: python3.12 security update
RLSA-2025:23323
Moderate: python3.12 security update
GHSA-49g5-f6qw-8mm7
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
ELSA-2025-23940
ELSA-2025-23940: python3.12 security update (MODERATE)
ELSA-2025-23323
ELSA-2025-23323: python3.12 security update (MODERATE)
SUSE-SU-2025:4487-1
Security update for python36
SUSE-SU-2025:4398-1
Security update for python3
SUSE-SU-2025:4389-1
Security update for python
SUSE-SU-2025:4368-1
Security update for python3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2026-00313 Уязвимость модуля zipfile интерпретатора языка программирования Python (CPython), позволяющая нарушителю оказать воздействие на целостность защищаемой информации | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
 | ROS-20251223-7310 Уязвимость python3.13 | CVSS3: 4.3 | 0% Низкий | 3 месяца назад |
| ROS-20251223-7309 Уязвимость python3.11 | CVSS3: 4.3 | 0% Низкий | 3 месяца назад |
| ROS-20251223-7308 Уязвимость python3.10 | CVSS3: 4.3 | 0% Низкий | 3 месяца назад |
| ROS-20251223-7307 Уязвимость python3 | CVSS3: 4.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked | CVSS3: 4.3 | 0% Низкий | 6 месяцев назад |
| CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of ... | CVSS3: 4.3 | 0% Низкий | 6 месяцев назад |
 | SUSE-SU-2025:4313-1 Security update for python | 0% Низкий | 4 месяца назад | |
 | RLSA-2025:23940 Moderate: python3.12 security update | 0% Низкий | 3 месяца назад | |
| RLSA-2025:23323 Moderate: python3.12 security update | 0% Низкий | 3 месяца назад | |
| GHSA-49g5-f6qw-8mm7 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 6 месяцев назад |
| ELSA-2025-23940 ELSA-2025-23940: python3.12 security update (MODERATE) | 3 месяца назад | ||
| ELSA-2025-23323 ELSA-2025-23323: python3.12 security update (MODERATE) | 3 месяца назад | ||
| SUSE-SU-2025:4487-1 Security update for python36 | 3 месяца назад | ||
| SUSE-SU-2025:4398-1 Security update for python3 | 3 месяца назад | ||
| SUSE-SU-2025:4389-1 Security update for python | 3 месяца назад | ||
| SUSE-SU-2025:4368-1 Security update for python3 | 3 месяца назад |
Уязвимостей на страницу