216.73.216.233

CVE-2024-6232

· Published 03/09/2024 13:15 · Modified 04/09/2024 21:15

Labels: CVE-2024-6232 2024-09-03CVE-2024-6232CWE-1333[email protected]

Essential information

Published
03/09/2024 13:15
Modified
04/09/2024 21:15
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.

NVD status

Status
Modified — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
python / python cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:alpha0:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:alpha1:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:alpha2:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:alpha3:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:alpha4:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:alpha5:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:alpha6:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:beta1:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:beta2:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:beta3:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:beta4:*:*:*:*:*:*
python / python cpe:2.3:a:python:python:3.13.0:rc1:*:*:*:*:*:*

References