vulnerability
Amazon Linux 2023: CVE-2025-6069: Medium priority package update for python3.12 (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Jun 17, 2025 | Jul 11, 2025 | Jul 30, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
Jun 17, 2025
Added
Jul 11, 2025
Modified
Jul 30, 2025
Description
A denial-of-service (DoS) vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.
Solutions
amazon-linux-2023-upgrade-python3amazon-linux-2023-upgrade-python3-11amazon-linux-2023-upgrade-python3-11-debugamazon-linux-2023-upgrade-python3-11-debuginfoamazon-linux-2023-upgrade-python3-11-debugsourceamazon-linux-2023-upgrade-python3-11-develamazon-linux-2023-upgrade-python3-11-idleamazon-linux-2023-upgrade-python3-11-libsamazon-linux-2023-upgrade-python3-11-testamazon-linux-2023-upgrade-python3-11-tkinteramazon-linux-2023-upgrade-python3-12amazon-linux-2023-upgrade-python3-12-debugamazon-linux-2023-upgrade-python3-12-debuginfoamazon-linux-2023-upgrade-python3-12-debugsourceamazon-linux-2023-upgrade-python3-12-develamazon-linux-2023-upgrade-python3-12-idleamazon-linux-2023-upgrade-python3-12-libsamazon-linux-2023-upgrade-python3-12-testamazon-linux-2023-upgrade-python3-12-tkinteramazon-linux-2023-upgrade-python3-9-debuginfoamazon-linux-2023-upgrade-python3-9-debugsourceamazon-linux-2023-upgrade-python3-debugamazon-linux-2023-upgrade-python3-develamazon-linux-2023-upgrade-python3-idleamazon-linux-2023-upgrade-python3-libsamazon-linux-2023-upgrade-python3-testamazon-linux-2023-upgrade-python3-tkinteramazon-linux-2023-upgrade-python-unversioned-command
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.