CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-6232 – Regular-expression DoS when parsing TarFile headers
https://notcve.org/view.php?id=CVE-2024-6232
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. • https://github.com/python/cpython/commit/4eaf4891c12589e3c7bdad5f5b076e4c8392dd06 https://github.com/python/cpython/commit/743acbe872485dc18df4d8ab2dc7895187f062c4 https://github.com/python/cpython/commit/d449caf8a179e3b954268b3a88eb9170be3c8fbf https://github.com/python/cpython/commit/ed3a49ea734ada357ff4442996fd4ae71d253373 https://github.com/python/cpython/issues/121285 https://github.com/python/cpython/pull/121286 https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY https://github.com/python/cp • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-8088 – Infinite loop when iterating over zip archive entry names from zipfile.Path
https://notcve.org/view.php?id=CVE-2024-8088
There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. A flaw was found in Python's zipfile module. • https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU https://github.com/python/cpython/pull/122906 https://github.com/python/cpython/issues/122905 https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64 https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db https://github.com/python/cp • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-7592 – Quadratic complexity parsing cookies with backslashes
https://notcve.org/view.php?id=CVE-2024-7592
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value. • https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621 https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1 https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06 https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a https://github.com/python/cp • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-6923 – Email header injection due to unquoted newlines
https://notcve.org/view.php?id=CVE-2024-6923
There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. A vulnerability was found in the email module that uses Python language. The email module doesn't properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity. • https://github.com/python/cpython/issues/121650 https://github.com/python/cpython/pull/122233 https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7 https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0 https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147 https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1 https://github.com/python/cp • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-3219 – Pure-Python fallback of socket.socketpair() doesn’t authenticate peer connection
https://notcve.org/view.php?id=CVE-2024-3219
There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure-Python fallback to the socket.socketpair() function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verified before passing the two sockets back to the user, which leaves the server socket vulnerable to a connection race from a malicious local peer. Platforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included. • https://github.com/python/cpython/pull/122134 https://github.com/python/cpython/issues/122133 https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B http://www.openwall.com/lists/oss-security/2024/07/29/3 https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20 https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2 https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c https://github.com/python/cpython&#x •