Metrics
Affected Vendors & Products
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 13 Nov 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
Fri, 11 Oct 2024 23:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Python Software Foundation
Python Software Foundation cpython |
|
CPEs | cpe:2.3:a:python_software_foundation:cpython:*:*:*:*:*:*:*:* | |
Vendors & Products |
Python Software Foundation
Python Software Foundation cpython |
|
References |
|
|
Metrics |
ssvc
|
Wed, 04 Sep 2024 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 04 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 03 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 29 Aug 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:8 | |
Vendors & Products |
Redhat
Redhat enterprise Linux |
Wed, 28 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Wed, 28 Aug 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 26 Aug 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | There is a HIGH severity vulnerability affecting the CPython "zipfile" module. When iterating over names of entries in a zip archive (for example, methods of "zipfile.ZipFile" like "namelist()", "iterdir()", "extractall()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. | There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. |
Title | Infinite loop when iterating over zip archive entry names | Infinite loop when iterating over zip archive entry names from zipfile.Path |
Sat, 24 Aug 2024 00:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 23 Aug 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 23 Aug 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 23 Aug 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 23 Aug 2024 01:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Thu, 22 Aug 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | There is a HIGH severity vulnerability affecting the CPython "zipfile" module. When iterating over names of entries in a zip archive (for example, methods of "zipfile.ZipFile" like "namelist()", "iterdir()", "extractall()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. | |
Title | Infinite loop when iterating over zip archive entry names | |
Weaknesses | CWE-835 | |
References |
|
|
Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: PSF
Published: 2024-08-22T18:45:31.807Z
Updated: 2024-10-11T22:03:20.370Z
Reserved: 2024-08-22T12:42:32.661Z
Link: CVE-2024-8088
Updated: 2024-10-11T22:03:20.370Z
Status : Awaiting Analysis
Published: 2024-08-22T19:15:09.720
Modified: 2024-11-21T09:52:39.210
Link: CVE-2024-8088