Количество 37
Количество 37
GHSA-v594-44hm-2j7p
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: import tarfile def _block_patched(self, count): if count < 0: # pragma: no cover raise tarfile.InvalidHeaderError("invalid offset") return _block_patched._orig_block(self, count) _block_patched._orig_block = tarfile.TarInfo._block tarfile.TarInfo._block = _block_patched
ELSA-2025-16117
ELSA-2025-16117: python3 security update (MODERATE)
ELSA-2025-15019
ELSA-2025-15019: python3.9 security update (MODERATE)
ELSA-2025-15010
ELSA-2025-15010: python3.11 security update (MODERATE)
ELSA-2025-15007
ELSA-2025-15007: python3.12 security update (MODERATE)
ELSA-2025-14984
ELSA-2025-14984: python3.12 security update (MODERATE)
ELSA-2025-14841
ELSA-2025-14841: python3.11 security update (MODERATE)
ELSA-2025-14560
ELSA-2025-14560: python3 security update (MODERATE)
ELSA-2025-14546
ELSA-2025-14546: python3.12 security update (MODERATE)
SUSE-SU-2025:3706-1
Security update for python313
RLSA-2025:14900
Moderate: python39:3.9 security update
ELSA-2025-14900
ELSA-2025-14900: python39:3.9 security update (MODERATE)
SUSE-SU-2025:02802-1
Security update for python3
SUSE-SU-2025:02767-1
Security update for python313
SUSE-SU-2025:02717-1
Security update for python311
openSUSE-SU-2026:20081-1
Security update for python313
SUSE-SU-2025:02778-1
Security update for python3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-v594-44hm-2j7p There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: import tarfile def _block_patched(self, count): if count < 0: # pragma: no cover raise tarfile.InvalidHeaderError("invalid offset") return _block_patched._orig_block(self, count) _block_patched._orig_block = tarfile.TarInfo._block tarfile.TarInfo._block = _block_patched | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| ELSA-2025-16117 ELSA-2025-16117: python3 security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2025-15019 ELSA-2025-15019: python3.9 security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2025-15010 ELSA-2025-15010: python3.11 security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2025-15007 ELSA-2025-15007: python3.12 security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2025-14984 ELSA-2025-14984: python3.12 security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2025-14841 ELSA-2025-14841: python3.11 security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2025-14560 ELSA-2025-14560: python3 security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2025-14546 ELSA-2025-14546: python3.12 security update (MODERATE) | 7 месяцев назад | ||
 | SUSE-SU-2025:3706-1 Security update for python313 | 5 месяцев назад | ||
 | RLSA-2025:14900 Moderate: python39:3.9 security update | 7 месяцев назад | ||
| ELSA-2025-14900 ELSA-2025-14900: python39:3.9 security update (MODERATE) | 7 месяцев назад | ||
| SUSE-SU-2025:02802-1 Security update for python3 | 8 месяцев назад | ||
| SUSE-SU-2025:02767-1 Security update for python313 | 8 месяцев назад | ||
| SUSE-SU-2025:02717-1 Security update for python311 | 8 месяцев назад | ||
| openSUSE-SU-2026:20081-1 Security update for python313 | 2 месяца назад | ||
| SUSE-SU-2025:02778-1 Security update for python3 | 8 месяцев назад |
Уязвимостей на страницу