Oracle Linux: CVE-2024-6232: ELSA-2024-6975: python3 security update (MODERATE) (Multiple Advisories)

Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: Sep 3, 2024
Added: Oct 16, 2024
Modified: Mar 18, 2025

Description

There is a MEDIUM severity vulnerability affecting CPython.
Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specially crafted tar archives.
A regular expression denial of service (ReDoS) vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive.

Solution(s)

oracle-linux-upgrade-platform-python
oracle-linux-upgrade-platform-python-debug
oracle-linux-upgrade-platform-python-devel
oracle-linux-upgrade-python3
oracle-linux-upgrade-python3-11
oracle-linux-upgrade-python3-11-debug
oracle-linux-upgrade-python3-11-devel
oracle-linux-upgrade-python3-11-idle
oracle-linux-upgrade-python3-11-libs
oracle-linux-upgrade-python3-11-rpm-macros
oracle-linux-upgrade-python3-11-test
oracle-linux-upgrade-python3-11-tkinter
oracle-linux-upgrade-python3-12
oracle-linux-upgrade-python3-12-debug
oracle-linux-upgrade-python3-12-devel
oracle-linux-upgrade-python3-12-idle
oracle-linux-upgrade-python3-12-libs
oracle-linux-upgrade-python3-12-rpm-macros
oracle-linux-upgrade-python3-12-test
oracle-linux-upgrade-python3-12-tkinter
oracle-linux-upgrade-python39
oracle-linux-upgrade-python39-cffi
oracle-linux-upgrade-python39-chardet
oracle-linux-upgrade-python39-cryptography
oracle-linux-upgrade-python39-debug
oracle-linux-upgrade-python39-devel
oracle-linux-upgrade-python39-idle
oracle-linux-upgrade-python39-idna
oracle-linux-upgrade-python39-libs
oracle-linux-upgrade-python39-lxml
oracle-linux-upgrade-python39-mod-wsgi
oracle-linux-upgrade-python39-numpy
oracle-linux-upgrade-python39-numpy-doc
oracle-linux-upgrade-python39-numpy-f2py
oracle-linux-upgrade-python39-pip
oracle-linux-upgrade-python39-pip-wheel
oracle-linux-upgrade-python39-ply
oracle-linux-upgrade-python39-psutil
oracle-linux-upgrade-python39-psycopg2
oracle-linux-upgrade-python39-psycopg2-doc
oracle-linux-upgrade-python39-psycopg2-tests
oracle-linux-upgrade-python39-pycparser
oracle-linux-upgrade-python39-pymysql
oracle-linux-upgrade-python39-pysocks
oracle-linux-upgrade-python39-pyyaml
oracle-linux-upgrade-python39-requests
oracle-linux-upgrade-python39-rpm-macros
oracle-linux-upgrade-python39-scipy
oracle-linux-upgrade-python39-setuptools
oracle-linux-upgrade-python39-setuptools-wheel
oracle-linux-upgrade-python39-six
oracle-linux-upgrade-python39-test
oracle-linux-upgrade-python39-tkinter
oracle-linux-upgrade-python39-toml
oracle-linux-upgrade-python39-urllib3
oracle-linux-upgrade-python39-wheel
oracle-linux-upgrade-python39-wheel-wheel
oracle-linux-upgrade-python3-debug
oracle-linux-upgrade-python3-devel
oracle-linux-upgrade-python3-idle
oracle-linux-upgrade-python3-libs
oracle-linux-upgrade-python3-test
oracle-linux-upgrade-python3-tkinter
oracle-linux-upgrade-python-unversioned-command