Количество 72
Количество 72
SUSE-SU-2025:3706-1
Security update for python313
ROS-20260129-73-0015
Уязвимость python3
CVE-2025-6075
If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables.
CVE-2025-6075
If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables.
CVE-2025-6075
Quadratic complexity in os.path.expandvars() with user-controlled template
CVE-2025-6075
If the value passed to os.path.expandvars() is user-controlled a perf ...
SUSE-SU-2025:02802-1
Security update for python3
SUSE-SU-2025:02767-1
Security update for python313
SUSE-SU-2025:02717-1
Security update for python311
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
CVE-2025-8291
ZIP64 End of Central Directory (EOCD) Locator record offset not checked
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of ...
SUSE-SU-2026:0337-1
Security update for python
GHSA-vc2m-m665-8xm2
If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables.
SUSE-SU-2025:02297-1
Security update for python36
SUSE-SU-2025:4313-1
Security update for python
RLSA-2025:23940
Moderate: python3.12 security update
RLSA-2025:23323
Moderate: python3.12 security update
GHSA-49g5-f6qw-8mm7
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2025:3706-1 Security update for python313 | 4 месяца назад | ||
 | ROS-20260129-73-0015 Уязвимость python3 | CVSS3: 4.3 | 0% Низкий | 7 дней назад |
 | CVE-2025-6075 If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables. | 0% Низкий | 3 месяца назад | |
 | CVE-2025-6075 If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables. | 0% Низкий | 3 месяца назад | |
 | CVE-2025-6075 Quadratic complexity in os.path.expandvars() with user-controlled template | 0% Низкий | 3 месяца назад | |
| CVE-2025-6075 If the value passed to os.path.expandvars() is user-controlled a perf ... | 0% Низкий | 3 месяца назад | |
| SUSE-SU-2025:02802-1 Security update for python3 | 6 месяцев назад | ||
| SUSE-SU-2025:02767-1 Security update for python313 | 6 месяцев назад | ||
| SUSE-SU-2025:02717-1 Security update for python311 | 6 месяцев назад | ||
| CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-8291 The 'zipfile' module would not check the validity of the ZIP64 End of ... | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| SUSE-SU-2026:0337-1 Security update for python | 0% Низкий | 7 дней назад | |
| GHSA-vc2m-m665-8xm2 If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables. | 0% Низкий | 3 месяца назад | |
| SUSE-SU-2025:02297-1 Security update for python36 | 7 месяцев назад | ||
| SUSE-SU-2025:4313-1 Security update for python | 0% Низкий | 2 месяца назад | |
 | RLSA-2025:23940 Moderate: python3.12 security update | 0% Низкий | около 1 месяца назад | |
| RLSA-2025:23323 Moderate: python3.12 security update | 0% Низкий | около 2 месяцев назад | |
| GHSA-49g5-f6qw-8mm7 The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
Уязвимостей на страницу