Description

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.

Remediation

References

CVE-2024-6232

Related Vulnerabilities

MediaWiki Other Vulnerability (CVE-2007-0788)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3553)

WordPress Plugin Nginx Helper Cross-Site Scripting (1.8.9)

WordPress Plugin Product Catalog PHP Object Injection (4.2.25)

WordPress Plugin Import/Export Customizer Settings Cross-Site Request Forgery (1.0.3)

Severity

High

Classification

CVE-2024-6232 CWE-1333 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities