Updated: 2025-11-10 02:33:42.472916
Description:
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.
Links: NIST, CIRCL, RHEL, Ubuntu

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | | 0.0 |
| CVSS Version 3.x | HIGH | 7.5 |

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CloudLinux 6 ELS | python | 2.6.6 | 7.5 | HIGH | Released | CLSA-2024:1728071604 | 2024-10-17 14:03:38 | |
| CloudLinux 7 ELS | python | 2.7.5 | 7.5 | HIGH | Released | CLSA-2024:1727289167 | 2024-10-07 10:53:23 | |
| CloudLinux 7 ELS | python3 | 3.6.8 | 7.5 | HIGH | Released | CLSA-2024:1727288754 | 2024-10-07 10:53:19 | |
| Oracle Linux 6 ELS | python | 2.6.6 | 7.5 | HIGH | Released | CLSA-2024:1728071284 | 2024-10-04 17:30:19 | |
| Oracle Linux 7 ELS | python | 2.7.5 | 7.5 | HIGH | Released | CLSA-2024:1734027948 | 2024-12-12 16:23:24 | |
| Oracle Linux 7 ELS | python3 | 3.6.8 | 7.5 | HIGH | Released | CLSA-2024:1734635951 | 2024-12-21 02:37:15 | |
| RHEL 7 ELS | python | 2.7.5 | 7.5 | HIGH | Released | CLSA-2025:1747926350 | 2025-05-23 00:21:39 | |
| RHEL 7 ELS | python3 | 3.6.8 | 7.5 | HIGH | Released | CLSA-2025:1748638245 | 2025-06-02 16:06:57 | |
| Ubuntu 16.04 ELS | python3.5 | 3.5.2 | 7.5 | HIGH | Released | CLSA-2025:1740230077 | 2025-02-23 00:20:42 | |
| Ubuntu 16.04 ELS | python2.7 | 2.7.12 | 7.5 | HIGH | Released | CLSA-2024:1727895166 | 2024-10-02 17:28:10 | |