CVE-2024-0450

Quoted zip-bomb protection for zipfile

Severity Score

6.2

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.

The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.

Se encontró un problema en el módulo `zipfile` de CPython que afecta a las versiones 3.12.2, 3.11.8, 3.10.13, 3.9.18 y 3.8.18 y anteriores. El módulo zipfile es vulnerable a bombas zip "superpuestas entre comillas" que explotan el formato zip para crear una bomba zip con una alta relación de compresión. Las versiones fijas de CPython hacen que el módulo zipfile rechace archivos zip que se superponen con entradas en el archivo.

A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed.

*Credits: N/A

CVSS Scores

Python SFv3.1 6.2

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

Poc

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-01-11 CVE Reserved
2024-03-19 CVE Published
2024-05-08 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-405: Asymmetric Resource Consumption (Amplification)
CWE-450: Multiple Interpretations of UI Input

CAPEC

CAPEC-130: Excessive Allocation

References (17)

URL	Tag	Source
http://www.openwall.com/lists/oss-security/2024/03/20/5
https://github.com/python/cpython/issues/109858	Issue Tracking
https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html
https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE
https://www.bamsoftware.com/hacks/zipbomb

URL	Date	SRC

URL	Date	SRC
https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85	2024-06-10
https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba	2024-06-10
https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675	2024-06-10
https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51	2024-06-10
https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549	2024-06-10
https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183	2024-06-10
https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b	2024-06-10

URL	Date	SRC
https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG	2024-06-10
https://access.redhat.com/security/cve/CVE-2024-0450	2024-11-12
https://bugzilla.redhat.com/show_bug.cgi?id=2276525	2024-11-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Python Software Foundation Search vendor "Python Software Foundation"		CPython Search vendor "Python Software Foundation" for product "CPython"				< 3.8.19 Search vendor "Python Software Foundation" for product "CPython" and version " < 3.8.19"		en		Affected
Python Software Foundation Search vendor "Python Software Foundation"		CPython Search vendor "Python Software Foundation" for product "CPython"				>= 3.9.0 < 3.9.19 Search vendor "Python Software Foundation" for product "CPython" and version " >= 3.9.0 < 3.9.19"		en		Affected
Python Software Foundation Search vendor "Python Software Foundation"		CPython Search vendor "Python Software Foundation" for product "CPython"				>= 3.10.0 < 3.10.14 Search vendor "Python Software Foundation" for product "CPython" and version " >= 3.10.0 < 3.10.14"		en		Affected
Python Software Foundation Search vendor "Python Software Foundation"		CPython Search vendor "Python Software Foundation" for product "CPython"				>= 3.11.0 < 3.11.8 Search vendor "Python Software Foundation" for product "CPython" and version " >= 3.11.0 < 3.11.8"		en		Affected
Python Software Foundation Search vendor "Python Software Foundation"		CPython Search vendor "Python Software Foundation" for product "CPython"				>= 3.12.0 < 3.12.2 Search vendor "Python Software Foundation" for product "CPython" and version " >= 3.12.0 < 3.12.2"		en		Affected