CNNVD-202512-684 Information

CNNVD ID

CNNVD-202512-684

Related CVE

CVE-2025-6966

• CNNVD Published: 2025-12-05

Description (Chinese)

Python-apt是Python基金会的一个可支持Apt软件包管理工具的Pypi代码库。 Python-apt存在安全漏洞，该漏洞源于TagSection.keys函数存在空指针取消引用，可能导致本地攻击者通过特制deb822文件造成拒绝服务。

Description (English)

Python-apt is a Pypi code library of the Python Foundation that supports the Apt package management tool. There is a security loophole in Python-apt, which stems from the absence of an empty pointer to remove references in the TagSection.keys function, which could lead to the rejection of services by local assailants through specially designed Deb822.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Python

Published

2025-12-05

Last Modified

2026-02-24

References

https://bugs.launchpad.net/ubuntu/+source/python-apt/+bug/2091865 https://vigilance.fr/vulnerability/python-apt-NULL-pointer-dereference-via-TagSection-keys-49024