Rocky Linux: CVE-2024-0450: python3.11 (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | 03/19/2024 | 06/17/2024 | 03/18/2025 |
Description
An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.
The `zipfile` module is vulnerable to "quoted-overlap" zip bombs, which exploit the zip format to create a zip bomb with a high compression ratio. The fixed versions of CPython make the `zipfile` module reject zip archives whose entries overlap.
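For hosts that cannot be upgraded immediately, untrusted archives can be screened for overlapping entries before anything is extracted. The following is an added example, not code from CPython or Rocky Linux: the function names are hypothetical, it relies on the undocumented `ZipFile.start_dir` attribute, and the sample archive is constructed inline.

```python
import io
import struct
import zipfile

# Fixed 30-byte part of a ZIP local file header (signature .. extra length).
LOCAL_HEADER = struct.Struct("<4s5H3L2H")


def overlapped_entries(fileobj):
    """Return names of entries whose data runs into the next entry."""
    with zipfile.ZipFile(fileobj) as zf:
        infos = sorted(zf.infolist(), key=lambda zi: zi.header_offset)
        # Each entry must end before the next local header starts; the last
        # one must end before the central directory (undocumented start_dir).
        limits = [zi.header_offset for zi in infos[1:]] + [zf.start_dir]
        flagged = []
        for zi, limit in zip(infos, limits):
            fileobj.seek(zi.header_offset)
            raw = fileobj.read(LOCAL_HEADER.size)
            if len(raw) != LOCAL_HEADER.size or raw[:4] != b"PK\x03\x04":
                flagged.append(zi.filename)  # no valid local header here
                continue
            name_len, extra_len = LOCAL_HEADER.unpack(raw)[9:11]
            data_start = zi.header_offset + LOCAL_HEADER.size + name_len + extra_len
            if data_start + zi.compress_size > limit:
                flagged.append(zi.filename)
        return flagged


def constructed_sample(overlap):
    """Constructed two-entry archive used only to exercise the check."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("a.txt", b"hello")
        zf.writestr("b.txt", b"world")
    data = bytearray(buf.getvalue())
    if overlap:
        # Make the second central-directory record reference the first
        # local header (offset field is 42 bytes into the record).
        second = data.rfind(b"PK\x01\x02")
        struct.pack_into("<L", data, second + 42, 0)
    return io.BytesIO(bytes(data))


if __name__ == "__main__":
    print("clean:     ", overlapped_entries(constructed_sample(False)))
    print("overlapped:", overlapped_entries(constructed_sample(True)))
```

The check reads only headers and the central directory, so it never decompresses entry data; treat any non-empty result as grounds to refuse the archive.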
Solution(s)
- rocky-upgrade-cython-debugsource
- rocky-upgrade-numpy-debugsource
- rocky-upgrade-platform-python
- rocky-upgrade-platform-python-debug
- rocky-upgrade-platform-python-devel
- rocky-upgrade-python-cffi-debugsource
- rocky-upgrade-python-cryptography-debugsource
- rocky-upgrade-python-lxml-debugsource
- rocky-upgrade-python-psutil-debugsource
- rocky-upgrade-python-psycopg2-debugsource
- rocky-upgrade-python3
- rocky-upgrade-python3-debug
- rocky-upgrade-python3-debuginfo
- rocky-upgrade-python3-debugsource
- rocky-upgrade-python3-devel
- rocky-upgrade-python3-idle
- rocky-upgrade-python3-libs
- rocky-upgrade-python3-test
- rocky-upgrade-python3-tkinter
- rocky-upgrade-python3.11
- rocky-upgrade-python3.11-debug
- rocky-upgrade-python3.11-debuginfo
- rocky-upgrade-python3.11-debugsource
- rocky-upgrade-python3.11-devel
- rocky-upgrade-python3.11-idle
- rocky-upgrade-python3.11-libs
- rocky-upgrade-python3.11-test
- rocky-upgrade-python3.11-tkinter
- rocky-upgrade-python3.12
- rocky-upgrade-python3.12-debug
- rocky-upgrade-python3.12-debuginfo
- rocky-upgrade-python3.12-debugsource
- rocky-upgrade-python3.12-devel
- rocky-upgrade-python3.12-idle
- rocky-upgrade-python3.12-libs
- rocky-upgrade-python3.12-test
- rocky-upgrade-python3.12-tkinter
- rocky-upgrade-python39
- rocky-upgrade-python39-cffi
- rocky-upgrade-python39-cffi-debuginfo
- rocky-upgrade-python39-cryptography
- rocky-upgrade-python39-cryptography-debuginfo
- rocky-upgrade-python39-cython
- rocky-upgrade-python39-cython-debuginfo
- rocky-upgrade-python39-debug
- rocky-upgrade-python39-debuginfo
- rocky-upgrade-python39-debugsource
- rocky-upgrade-python39-devel
- rocky-upgrade-python39-idle
- rocky-upgrade-python39-libs
- rocky-upgrade-python39-lxml
- rocky-upgrade-python39-lxml-debuginfo
- rocky-upgrade-python39-mod_wsgi
- rocky-upgrade-python39-numpy
- rocky-upgrade-python39-numpy-debuginfo
- rocky-upgrade-python39-numpy-f2py
- rocky-upgrade-python39-psutil
- rocky-upgrade-python39-psutil-debuginfo
- rocky-upgrade-python39-psycopg2
- rocky-upgrade-python39-psycopg2-debuginfo
- rocky-upgrade-python39-psycopg2-doc
- rocky-upgrade-python39-psycopg2-tests
- rocky-upgrade-python39-pybind11
- rocky-upgrade-python39-pybind11-devel
- rocky-upgrade-python39-pyyaml
- rocky-upgrade-python39-pyyaml-debuginfo
- rocky-upgrade-python39-scipy
- rocky-upgrade-python39-scipy-debuginfo
- rocky-upgrade-python39-test
- rocky-upgrade-python39-tkinter
- rocky-upgrade-pyyaml-debugsource
- rocky-upgrade-scipy-debugsource