CNNVD-202512-358 Information

CNNVD ID

CNNVD-202512-358

Related CVE

CVE-2025-12084

• CNNVD Published: 2025-12-03

Description (Chinese)

CPython是Python基金会的一个用C语言实现的Python解释器。 CPython存在安全漏洞，该漏洞源于构建嵌套元素时算法复杂度问题，可能导致构建过度嵌套文档时影响可用性。

Description (English)

CPython is a Python interpreter for the Python Foundation in the C language. There is a security loophole in CPython, which stems from the complexity of algorithms when building embedded elements, which may affect usability when building over-enhanced documents.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Python

Published

2025-12-03

Last Modified

2026-02-24

References

https://github.com/python/cpython/issues/142145 https://github.com/python/cpython/pull/142146 https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12084

Patch

https://github.com/python/cpython/tags