Количество 54
Количество 54
RLSA-2026:0123
Moderate: python3.12 security update
ELSA-2026-0123
ELSA-2026-0123: python3.12 security update (MODERATE)
SUSE-SU-2026:0133-1
Security update for python
openSUSE-SU-2026:20081-1
Security update for python313
CVE-2025-12084
When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.
CVE-2025-12084
When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.
CVE-2025-12084
Quadratic complexity in node ID cache clearing
CVE-2025-12084
When building nested elements using xml.dom.minidom methods such as ap ...
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
CVE-2025-8291
ZIP64 End of Central Directory (EOCD) Locator record offset not checked
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of ...
GHSA-hfqx-732w-xrrw
When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.
ELSA-2026-1478
ELSA-2026-1478: python3.9 security update (MODERATE)
SUSE-SU-2025:4313-1
Security update for python
RLSA-2025:23940
Moderate: python3.12 security update
RLSA-2025:23323
Moderate: python3.12 security update
GHSA-49g5-f6qw-8mm7
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
ELSA-2025-23940
ELSA-2025-23940: python3.12 security update (MODERATE)
ELSA-2025-23323
ELSA-2025-23323: python3.12 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2026:0123 Moderate: python3.12 security update | около 1 месяца назад | ||
| ELSA-2026-0123 ELSA-2026-0123: python3.12 security update (MODERATE) | около 1 месяца назад | ||
 | SUSE-SU-2026:0133-1 Security update for python | 25 дней назад | ||
| openSUSE-SU-2026:20081-1 Security update for python313 | 19 дней назад | ||
 | CVE-2025-12084 When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents. | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
 | CVE-2025-12084 When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents. | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
 | CVE-2025-12084 Quadratic complexity in node ID cache clearing | 0% Низкий | 2 месяца назад | |
| CVE-2025-12084 When building nested elements using xml.dom.minidom methods such as ap ... | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
| CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of ... | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| GHSA-hfqx-732w-xrrw When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents. | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
| ELSA-2026-1478 ELSA-2026-1478: python3.9 security update (MODERATE) | 13 дней назад | ||
| SUSE-SU-2025:4313-1 Security update for python | 0% Низкий | 2 месяца назад | |
| RLSA-2025:23940 Moderate: python3.12 security update | 0% Низкий | около 2 месяцев назад | |
| RLSA-2025:23323 Moderate: python3.12 security update | 0% Низкий | около 2 месяцев назад | |
| GHSA-49g5-f6qw-8mm7 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| ELSA-2025-23940 ELSA-2025-23940: python3.12 security update (MODERATE) | около 2 месяцев назад | ||
| ELSA-2025-23323 ELSA-2025-23323: python3.12 security update (MODERATE) | около 2 месяцев назад |
Уязвимостей на страницу