CNNVD-202506-2001 Information
CNNVD ID
CNNVD-202506-2001
Related CVE
- CNNVD Published: 2025-06-17
Description (Chinese)
Python是Python基金会的一套开源的、面向对象的程序设计语言。该语言具有可扩展、支持模块和包、支持多种平台等特点。 Python存在安全漏洞,该漏洞源于处理特制畸形输入时存在二次复杂度问题,可能导致拒绝服务攻击。
Description (English)
Python is an open-source, object-oriented programming language for the Python Foundation. The language has such characteristics as scalable, supporting modules and packages, and supporting multiple platforms. There is a security loophole in Python, which stems from a secondary complexity in the handling of specially deformed input, which could lead to a denial of service attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Python
Published
2025-06-17
Last Modified
2026-02-24
References
https://github.com/python/cpython/pull/135464 https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/ https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41 https://github.com/python/cpython/issues/135462 https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949 https://access.redhat.com/security/cve/cve-2025-6069 https://vigilance.fr/vulnerability/Python-Core-overload-via-HTMLParser-47431 https://nvd.nist.gov/vuln/detail/CVE-2025-6069
Patch
https://www.python.org/downloads/
Share on: