Количество 28
Количество 28
CVE-2025-8194
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
CVE-2025-8194
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
CVE-2025-8194
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
CVE-2025-8194
There is a defect in the CPython \u201ctarfile\u201d module affecting ...
SUSE-SU-2025:03032-1
Security update for python
SUSE-SU-2025:02984-1
Security update for python311
SUSE-SU-2025:02983-1
Security update for python36
SUSE-SU-2025:02982-1
Security update for python312
SUSE-SU-2025:02948-1
Security update for python310
SUSE-SU-2025:02701-1
Security update for python
SUSE-SU-2025:02700-1
Security update for python39
RLSA-2025:14841
Moderate: python3.11 security update
RLSA-2025:14546
Moderate: python3.12 security update
GHSA-v594-44hm-2j7p
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: import tarfile def _block_patched(self, count): if count < 0: # pragma: no cover raise tarfile.InvalidHeaderError("invalid offset") return _block_patched._orig_block(self, count) _block_patched._orig_block = tarfile.TarInfo._block tarfile.TarInfo._block = _block_patched
ELSA-2025-16117
ELSA-2025-16117: python3 security update (MODERATE)
ELSA-2025-15019
ELSA-2025-15019: python3.9 security update (MODERATE)
ELSA-2025-15010
ELSA-2025-15010: python3.11 security update (MODERATE)
ELSA-2025-15007
ELSA-2025-15007: python3.12 security update (MODERATE)
ELSA-2025-14984
ELSA-2025-14984: python3.12 security update (MODERATE)
ELSA-2025-14841
ELSA-2025-14841: python3.11 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-8194 There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1 | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
 | CVE-2025-8194 There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1 | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
 | CVE-2025-8194 There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1 | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| CVE-2025-8194 There is a defect in the CPython \u201ctarfile\u201d module affecting ... | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
 | SUSE-SU-2025:03032-1 Security update for python | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:02984-1 Security update for python311 | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:02983-1 Security update for python36 | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:02982-1 Security update for python312 | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:02948-1 Security update for python310 | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:02701-1 Security update for python | 0% Низкий | 2 месяца назад | |
| SUSE-SU-2025:02700-1 Security update for python39 | 0% Низкий | 2 месяца назад | |
 | RLSA-2025:14841 Moderate: python3.11 security update | 0% Низкий | около 1 месяца назад | |
| RLSA-2025:14546 Moderate: python3.12 security update | 0% Низкий | около 1 месяца назад | |
| GHSA-v594-44hm-2j7p There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: import tarfile def _block_patched(self, count): if count < 0: # pragma: no cover raise tarfile.InvalidHeaderError("invalid offset") return _block_patched._orig_block(self, count) _block_patched._orig_block = tarfile.TarInfo._block tarfile.TarInfo._block = _block_patched | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| ELSA-2025-16117 ELSA-2025-16117: python3 security update (MODERATE) | 14 дней назад | ||
| ELSA-2025-15019 ELSA-2025-15019: python3.9 security update (MODERATE) | около 1 месяца назад | ||
| ELSA-2025-15010 ELSA-2025-15010: python3.11 security update (MODERATE) | около 1 месяца назад | ||
| ELSA-2025-15007 ELSA-2025-15007: python3.12 security update (MODERATE) | около 1 месяца назад | ||
| ELSA-2025-14984 ELSA-2025-14984: python3.12 security update (MODERATE) | около 1 месяца назад | ||
| ELSA-2025-14841 ELSA-2025-14841: python3.11 security update (MODERATE) | около 2 месяцев назад |
Уязвимостей на страницу