Updated: 2025-11-10 02:33:42.472916
Description:
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 7.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | python3.11 | 3.11.2 | 7.5 | HIGH | Released | CLSA-2025:1740477793 | 2025-02-26 07:09:50 | |
| AlmaLinux 9.2 ESU | python3 | 3.9.16 | 7.5 | HIGH | Released | CLSA-2024:1727979765 | 2024-10-03 15:27:02 | |
| CentOS 6 ELS | python | 2.6.6 | 7.5 | HIGH | Released | CLSA-2024:1728071619 | 2024-10-15 17:31:35 | |
| CentOS 7 ELS | python | 2.7.5 | 7.5 | HIGH | Released | CLSA-2024:1727289456 | 2024-10-07 10:53:24 | |
| CentOS 7 ELS | python3 | 3.6.8 | 7.5 | HIGH | Released | CLSA-2024:1727289133 | 2024-10-07 10:53:19 | |
| CentOS 8.4 ELS | python3 | 3.6.8 | 7.5 | HIGH | Released | CLSA-2024:1728581056 | 2024-10-10 14:31:29 | |
| CentOS 8.4 ELS | python2 | 2.7.18 | 7.5 | HIGH | Released | CLSA-2024:1728403484 | 2024-10-08 14:30:43 | |
| CentOS 8.5 ELS | python2 | 2.7.18 | 7.5 | HIGH | Released | CLSA-2024:1728404213 | 2024-10-08 14:30:42 | |
| CentOS 8.5 ELS | python3 | 3.6.8 | 7.5 | HIGH | Released | CLSA-2024:1728580597 | 2024-10-10 14:31:28 | |
| CentOS Stream 8 ELS | python2 | 2.7.18 | 7.5 | HIGH | Released | CLSA-2024:1728071268 | 2024-10-04 17:30:13 |