{"dataType": "CVE_RECORD", "containers": {"adp": [{"metrics": [{"other": {"type": "Unknown", "content": {"data": "{\"description\":\"not yet assigned\"}"}}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"unimportant\"}"}}}], "affected": [{"vendor": "debian", "product": "python3.11", "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "jython", "platforms": ["bookworm", "bullseye", "forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3", "platforms": ["bookworm", "bullseye", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python2.7", "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.9", "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3-lib", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3-lib-testsuite", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3-tk-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "pypy3-venv", "versions": [{"status": "affected", "version": "0", "lessThan": "7.3.20+dfsg-2", "versionType": "deb"}], "platforms": ["forky", "sid"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "idle-python3.13", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libpython3.13", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libpython3.13-dbg", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libpython3.13-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libpython3.13-minimal", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libpython3.13-stdlib", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libpython3.13-testsuite", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-dbg", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-examples", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-full", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-gdbm", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-minimal", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-nopie", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3.13-venv", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.4-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-tracker.debian.org/tracker/CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\".   You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of \"data\" or \"tar\". See the tarfile  extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information.  Note that for Python 3.14 or later the default value of filter= changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.  Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links."}], "providerMetadata": {"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian", "dateUpdated": "2025-06-03T12:58:50.352Z", "x_subShortName": "debian"}}, {"credits": [{"lang": "en", "value": "packager@almalinux.org"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "almalinux", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-4517", "name": "CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)\n  * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718)\n  * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)\n  * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)\n  * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000001", "shortName": "almalinux", "dateUpdated": "2025-07-01T00:00:00Z", "x_subShortName": "alma_10"}}, {"credits": [{"lang": "en", "value": "packager@almalinux.org"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "almalinux", "product": "platform-python", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10.alma.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "platform-python-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10.alma.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "platform-python-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10.alma.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10.alma.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10.alma.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10.alma.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10.alma.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module_el8.10.0+4083+53cad1fb", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module_el8.10.0+4083+53cad1fb", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module_el8.10.0+4083+53cad1fb", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module_el8.10.0+4083+53cad1fb", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module_el8.10.0+3849+a48d89aa", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module_el8.10.0+4083+53cad1fb", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module_el8.10.0+3989+a618fe15.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-numpy-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-numpy-f2py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pip-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-psycopg2-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-psycopg2-tests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pybind11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pyyaml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module_el8.9.0+3634+fb2a896c", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module_el8.10.0+4083+53cad1fb", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module_el8.9.0+3634+fb2a896c", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module_el8.10.0+4083+53cad1fb", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module_el8.10.0+4083+53cad1fb", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-wheel-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-4517", "name": "CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)\n  * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718)\n  * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)\n  * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)\n  * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}, {"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used (CVE-2024-5642)\n  * python: Virtual environment (venv) activation scripts don't quote paths (CVE-2024-9287)\n  * python: Improper validation of IPv6 and IPvFuture addresses (CVE-2024-11168)\n  * python: cpython: URL parser allowed square brackets in domain names (CVE-2025-0938)\n  * cpython: python: CPython DecodeError Handling Vulnerability (CVE-2025-4516)\n  * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)\n  * cpython: python: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)\n  * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)\n  * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)\n  * cpython: Python HTMLParser quadratic complexity (CVE-2025-6069)\n  * cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked (CVE-2025-8291)\n  * python: Quadratic complexity in os.path.expandvars() with user-controlled template (CVE-2025-6075)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000001", "shortName": "almalinux", "dateUpdated": "2025-07-01T00:00:00Z", "x_subShortName": "alma_8"}}, {"credits": [{"lang": "en", "value": "packager@almalinux.org"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "almalinux", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-4517", "name": "CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)\n  * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718)\n  * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)\n  * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)\n  * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000001", "shortName": "almalinux", "dateUpdated": "2025-07-01T00:00:00Z", "x_subShortName": "alma_9"}}, {"metrics": [{"other": {"type": "Unknown", "content": {"data": "{\"description\":\"high\"}"}}}], "affected": [{"vendor": "fedora", "product": "python3.6", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-47.fc41", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:41"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "python3.6", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-47.fc42", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:42"], "defaultStatus": "unaffected"}], "references": [{"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-266a1353a1"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-a8abfbb35c"}], "descriptions": [{"lang": "en", "value": "Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435"}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2025-07-13T02:56:45Z", "x_subShortName": "fedora"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"IMPORTANT\"}"}}}], "affected": [{"vendor": "oraclelinux", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.0.1.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.0.1.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.0.1.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.0.1.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.0.1.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.0.1.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.0.1.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.0.1.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "platform-python", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "platform-python-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "platform-python-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.0.1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+90733+27f37730", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+90733+27f37730", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+90733+27f37730", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+90733+27f37730", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+90341+71ca88f4", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+90733+27f37730", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+90647+49247197.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-numpy-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-numpy-f2py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pip-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-psycopg2-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-psycopg2-tests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pybind11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pyyaml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+90733+27f37730", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+90733+27f37730", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+90733+27f37730", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-wheel-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://linux.oracle.com/cve/CVE-2025-4517.html"}], "descriptions": [{"lang": "en", "value": "Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\".\n\n\nYou are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of \"data\" or \"tar\". See the tarfile  extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information.\n\nNote that for Python 3.14 or later the default value of filter= changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links."}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000006", "shortName": "oraclelinux", "dateUpdated": "2025-07-01T00:00:00Z", "x_subShortName": "oraclelinux"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "redhat", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-4517"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016"}, {"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"}, {"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"}, {"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"}, {"url": "https://github.com/python/cpython/issues/135034"}, {"url": "https://github.com/python/cpython/pull/135037"}, {"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4517"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to \"data\" or \"tar\"."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-06-03T12:58:50Z", "x_subShortName": "redhat_10"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "redhat", "product": "platform-python", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "platform-python-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "platform-python-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-PyMySQL", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-distro", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-docs", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-docutils", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-nose", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-nose-docs", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-pygments", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-pymongo", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-pymongo-doc", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-sqlalchemy", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-sqlalchemy-doc", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-virtualenv", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-virtualenv-doc", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python-wheel", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-PyMySQL", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-bson", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-distro", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-docs", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-docutils", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-nose", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-pygments", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-pymongo", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-pymongo-gridfs", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-scipy", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-sqlalchemy", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.8-70.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-virtualenv", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-wheel", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-wheel-wheel", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python36", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python36-debug", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python36-devel", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python36-rpm-macros", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+23718+1842ae33", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+21271+eccd1d86", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+23718+1842ae33", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+23718+1842ae33", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+23718+1842ae33", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+21815+bb024982", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+23718+1842ae33", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+23075+0aa18782.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-numpy-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-numpy-f2py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+21329+8d76b841", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pip-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+21329+8d76b841", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+21142+453d2b75", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-psycopg2-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+21142+453d2b75", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-psycopg2-tests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+21142+453d2b75", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pybind11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pyyaml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+23718+1842ae33", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+23406+03055bfb", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+23406+03055bfb", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+23718+1842ae33", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+23718+1842ae33", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+20443+f0a692fe", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-wheel-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "scipy", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:10026"}, {"url": "https://access.redhat.com/errata/RHSA-2025:10031"}, {"url": "https://access.redhat.com/errata/RHSA-2025:10128"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23530"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)\n\n* cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718)\n\n* cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)\n\n* python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)\n\n* cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used (CVE-2024-5642)\n\n* python: Virtual environment (venv) activation scripts don't quote paths (CVE-2024-9287)\n\n* python: Improper validation of IPv6 and IPvFuture addresses (CVE-2024-11168)\n\n* python: cpython: URL parser allowed square brackets in domain names (CVE-2025-0938)\n\n* cpython: python: CPython DecodeError Handling Vulnerability (CVE-2025-4516)\n\n* cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)\n\n* cpython: python: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)\n\n* python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)\n\n* cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)\n\n* cpython: Python HTMLParser quadratic complexity (CVE-2025-6069)\n\n* cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked (CVE-2025-8291)\n\n* python: Quadratic complexity in os.path.expandvars() with user-controlled template (CVE-2025-6075)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"lang": "en", "value": "Red Hat's versions of the associated software have been determined to NOT be affected by CVE-2025-4517."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-06-03T12:58:00Z", "x_subShortName": "redhat_8"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "redhat", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:10136"}, {"url": "https://access.redhat.com/errata/RHSA-2025:10148"}, {"url": "https://access.redhat.com/errata/RHSA-2025:10189"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)\n\n* cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718)\n\n* cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)\n\n* python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)\n\n* cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-06-03T12:58:00Z", "x_subShortName": "redhat_9"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "rocky", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-2.el10_0.2", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "Cython-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "PyYAML", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "PyYAML-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1978+d4f111ba.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "numpy-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1592+61442852", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1910+234ad790", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-cffi-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1697+7e517775", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-cryptography-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1697+7e517775", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+1809+41195054", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module+el8.9.0+1332+dd574197", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-lxml-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-psutil-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-psycopg2-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module+el8.9.0+1332+dd574197", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+1545+03246da9", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-1.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-Cython-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-cffi-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1697+7e517775", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-cryptography-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1697+7e517775", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+1809+41195054", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module+el8.9.0+1332+dd574197", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-lxml-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1978+d4f111ba.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-numpy-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-numpy-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-numpy-f2py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1721+e52d6351", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pip-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1721+e52d6351", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psutil-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psycopg2-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psycopg2-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psycopg2-tests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pybind11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pyyaml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pyyaml-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-scipy-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.25-2.module+el8.10.0+40046+11e46e10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module+el8.9.0+1332+dd574197", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+1545+03246da9", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-wheel-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3x-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1721+e52d6351", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3x-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3x-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3x-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "scipy-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.11-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.9-1.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.9", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.21-2.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294682"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321440"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325776"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343237"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366509"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408891"}], "descriptions": [{"lang": "en", "value": "python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000004", "shortName": "rocky", "dateUpdated": "2025-07-29T13:38:41Z", "x_subShortName": "rocky"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "suse", "product": "libpython3_6m1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_11-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sle-module-public-cloud:15:sp4", "cpe:/o:suse:sle_hpc:15:sp4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4", "cpe:/o:suse:suse-manager-proxy:4.3", "cpe:/o:suse:suse-manager-retail-branch-server:4.3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sle-module-public-cloud:15:sp4", "cpe:/o:suse:sle_hpc:15:sp4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4", "cpe:/o:suse:suse-manager-proxy:4.3", "cpe:/o:suse:suse-manager-retail-branch-server:4.3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sle-module-public-cloud:15:sp4", "cpe:/o:suse:sle_hpc:15:sp4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4", "cpe:/o:suse:suse-manager-proxy:4.3", "cpe:/o:suse:suse-manager-retail-branch-server:4.3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-doc-devhelp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150400.9.60.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_10-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.10.18-150400.4.82.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_11-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_13-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python", "platforms": ["cpe:/o:suse:packagehub:15:sp6", "cpe:/o:suse:packagehub:15:sp7", "cpe:/o:suse:sles-ltss:15", "cpe:/o:suse:sles-ltss:15:sp1", "cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15", "cpe:/o:suse:sles:15:sp1", "cpe:/o:suse:sles:15:sp2", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python-curses", "platforms": ["cpe:/o:suse:packagehub:15:sp6", "cpe:/o:suse:packagehub:15:sp7", "cpe:/o:suse:sles-ltss:15", "cpe:/o:suse:sles-ltss:15:sp1", "cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles:15", "cpe:/o:suse:sles:15:sp1", "cpe:/o:suse:sles:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python-gdbm", "platforms": ["cpe:/o:suse:packagehub:15:sp6", "cpe:/o:suse:packagehub:15:sp7", "cpe:/o:suse:sles-ltss:15", "cpe:/o:suse:sles-ltss:15:sp1", "cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles:15", "cpe:/o:suse:sles:15:sp1", "cpe:/o:suse:sles:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_12-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python-tk", "platforms": ["cpe:/o:suse:sles-ltss:15", "cpe:/o:suse:sles-ltss:15:sp1", "cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15", "cpe:/o:suse:sles:15:sp1", "cpe:/o:suse:sles:15:sp2", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_6m1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150000.3.182.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_9-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp5"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp5"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp5"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp5"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp3", "cpe:/o:suse:sles_sap:15:sp5"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.23-150300.4.75.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "SUSE bug 1244032"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4517", "name": "Mitre CVE-2025-4517"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001745.html", "name": "RHSA-2025:10026"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001732.html", "name": "RHSA-2025:10031"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001750.html", "name": "RHSA-2025:10128"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001756.html", "name": "RHSA-2025:10136"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001757.html", "name": "RHSA-2025:10148"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001758.html", "name": "RHSA-2025:10189"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-December/002308.html", "name": "RHSA-2025:23530"}, {"url": "https://www.suse.com/security/cve/CVE-2025-4517", "name": "SUSE CVE-2025-4517"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040422.html", "name": "SUSE-SU-2025:02047-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040421.html", "name": "SUSE-SU-2025:02048-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040420.html", "name": "SUSE-SU-2025:02049-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040419.html", "name": "SUSE-SU-2025:02050-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040427.html", "name": "SUSE-SU-2025:02057-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040440.html", "name": "SUSE-SU-2025:02074-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040698.html", "name": "SUSE-SU-2025:02297-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040822.html", "name": "SUSE-SU-2025:02427-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041187.html", "name": "SUSE-SU-2025:02778-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040929.html", "name": "SUSE-SU-2025:20492-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041115.html", "name": "SUSE-SU-2025:20539-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023842.html", "name": "SUSE-SU-2026:0210-1"}], "descriptions": [{"lang": "en", "value": "\n    Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\".\n\n\nYou are affected by this vulnerability if using the tarfile  module to extract untrusted tar archives using TarFile.extractall()  or TarFile.extract()  using the filter=  parameter with a value of \"data\"  or \"tar\". See the tarfile  extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter   for more information.\n\nNote that for Python 3.14 or later the default value of filter=  changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-06-04T00:00:00Z", "x_subShortName": "suse_server_15"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "suse", "product": "libpython3_11-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_6m1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.6.15-150300.10.97.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11.13-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_13-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-150700.4.11.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python", "platforms": ["cpe:/o:suse:packagehub:15:sp6", "cpe:/o:suse:packagehub:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python-curses", "platforms": ["cpe:/o:suse:packagehub:15:sp6", "cpe:/o:suse:packagehub:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python-gdbm", "platforms": ["cpe:/o:suse:packagehub:15:sp6", "cpe:/o:suse:packagehub:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_12-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.11-150600.3.30.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "SUSE bug 1244032"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4517", "name": "Mitre CVE-2025-4517"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001745.html", "name": "RHSA-2025:10026"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001732.html", "name": "RHSA-2025:10031"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001750.html", "name": "RHSA-2025:10128"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001756.html", "name": "RHSA-2025:10136"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001757.html", "name": "RHSA-2025:10148"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001758.html", "name": "RHSA-2025:10189"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-December/002308.html", "name": "RHSA-2025:23530"}, {"url": "https://www.suse.com/security/cve/CVE-2025-4517", "name": "SUSE CVE-2025-4517"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040422.html", "name": "SUSE-SU-2025:02047-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040421.html", "name": "SUSE-SU-2025:02048-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040420.html", "name": "SUSE-SU-2025:02049-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040419.html", "name": "SUSE-SU-2025:02050-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040427.html", "name": "SUSE-SU-2025:02057-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040440.html", "name": "SUSE-SU-2025:02074-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040698.html", "name": "SUSE-SU-2025:02297-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040822.html", "name": "SUSE-SU-2025:02427-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041187.html", "name": "SUSE-SU-2025:02778-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040929.html", "name": "SUSE-SU-2025:20492-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041115.html", "name": "SUSE-SU-2025:20539-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023842.html", "name": "SUSE-SU-2026:0210-1"}], "descriptions": [{"lang": "en", "value": "\n    Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\".\n\n\nYou are affected by this vulnerability if using the tarfile  module to extract untrusted tar archives using TarFile.extractall()  or TarFile.extract()  using the filter=  parameter with a value of \"data\"  or \"tar\". See the tarfile  extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter   for more information.\n\nNote that for Python 3.14 or later the default value of filter=  changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-06-04T00:00:00Z", "x_subShortName": "suse_desktop_15"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "suse", "product": "libpython3_13-1_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libpython3_13-1_0-x86-64-v3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-base", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-base-x86-64-v3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-curses", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-dbm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-doc-devhelp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-tk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-tools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-x86-64-v3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.13.5-160000.2.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "SUSE bug 1244032"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4517", "name": "Mitre CVE-2025-4517"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001745.html", "name": "RHSA-2025:10026"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001732.html", "name": "RHSA-2025:10031"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001750.html", "name": "RHSA-2025:10128"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001756.html", "name": "RHSA-2025:10136"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001757.html", "name": "RHSA-2025:10148"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001758.html", "name": "RHSA-2025:10189"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-December/002308.html", "name": "RHSA-2025:23530"}, {"url": "https://www.suse.com/security/cve/CVE-2025-4517", "name": "SUSE CVE-2025-4517"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040422.html", "name": "SUSE-SU-2025:02047-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040421.html", "name": "SUSE-SU-2025:02048-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040420.html", "name": "SUSE-SU-2025:02049-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040419.html", "name": "SUSE-SU-2025:02050-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040427.html", "name": "SUSE-SU-2025:02057-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040440.html", "name": "SUSE-SU-2025:02074-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040698.html", "name": "SUSE-SU-2025:02297-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040822.html", "name": "SUSE-SU-2025:02427-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041187.html", "name": "SUSE-SU-2025:02778-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040929.html", "name": "SUSE-SU-2025:20492-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041115.html", "name": "SUSE-SU-2025:20539-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023842.html", "name": "SUSE-SU-2026:0210-1"}], "descriptions": [{"lang": "en", "value": "\n    Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\".\n\n\nYou are affected by this vulnerability if using the tarfile  module to extract untrusted tar archives using TarFile.extractall()  or TarFile.extract()  using the filter=  parameter with a value of \"data\"  or \"tar\". See the tarfile  extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter   for more information.\n\nNote that for Python 3.14 or later the default value of filter=  changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-11-14T00:00:00Z", "x_subShortName": "suse_server_16"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.4, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"medium\"}"}}}], "affected": [{"vendor": "canonical", "product": "idle-python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libpython3.12-minimal", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libpython3.12-stdlib", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libpython3.12-testsuite", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libpython3.12t64", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3.12-examples", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3.12-full", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3.12-minimal", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3.12-nopie", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3.12-venv", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.12.3-1ubuntu0.7", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "unknown", "product": "unknown", "defaultStatus": "unknown"}], "references": [{"url": "https://ubuntu.com/security/CVE-2025-4517"}, {"url": "https://ubuntu.com/security/notices/USN-7583-1"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "Allows arbitrary filesystem writes outside the extraction directory duringextraction with filter=\"data\".You are affected by this vulnerability if using the tarfile module toextract untrusted tar archives using TarFile.extractall() orTarFile.extract() using the filter= parameter with a value of \"data\" or\"tar\". See the tarfile  extraction filters documentationhttps://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information.Note that for Python 3.14 or later the default value of filter= changedfrom \"no filtering\" to `\"data\", so if you are relying on this new defaultbehavior then your usage is also affected.Note that none of these vulnerabilities significantly affect theinstallation of source distributions which are tar archives as sourcedistributions already allow arbitrary code execution during the buildprocess. However when evaluating source distributions it's important toavoid installing source distributions with suspicious links."}, {"lang": "en", "value": "not defined"}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2000-01-01T00:00:00Z", "x_subShortName": "canonical"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "amazon", "product": "python-unversioned-command", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3-test", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-test", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.13-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-test", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "3.12.10-2.amzn2023.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.9-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.9-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "3.9.23-1.amzn2023.0.1", "versionType": "rpm"}], "defaultStatus": "unaffected"}], "references": [{"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\"."}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000000", "shortName": "alas", "dateUpdated": "2025-06-18T23:17:00Z", "x_subShortName": "alas_2023"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "unknown", "product": "unknown", "defaultStatus": "unknown"}], "solutions": [{"lang": "en", "value": "SUSE bug 1244032"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4517", "name": "Mitre CVE-2025-4517"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001745.html", "name": "RHSA-2025:10026"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001732.html", "name": "RHSA-2025:10031"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001750.html", "name": "RHSA-2025:10128"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001756.html", "name": "RHSA-2025:10136"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001757.html", "name": "RHSA-2025:10148"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001758.html", "name": "RHSA-2025:10189"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-December/002308.html", "name": "RHSA-2025:23530"}, {"url": "https://www.suse.com/security/cve/CVE-2025-4517", "name": "SUSE CVE-2025-4517"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040422.html", "name": "SUSE-SU-2025:02047-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040421.html", "name": "SUSE-SU-2025:02048-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040420.html", "name": "SUSE-SU-2025:02049-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040419.html", "name": "SUSE-SU-2025:02050-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040427.html", "name": "SUSE-SU-2025:02057-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040440.html", "name": "SUSE-SU-2025:02074-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040698.html", "name": "SUSE-SU-2025:02297-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040822.html", "name": "SUSE-SU-2025:02427-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041187.html", "name": "SUSE-SU-2025:02778-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040929.html", "name": "SUSE-SU-2025:20492-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041115.html", "name": "SUSE-SU-2025:20539-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023842.html", "name": "SUSE-SU-2026:0210-1"}], "descriptions": [{"lang": "en", "value": "\n    Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\".\n\n\nYou are affected by this vulnerability if using the tarfile  module to extract untrusted tar archives using TarFile.extractall()  or TarFile.extract()  using the filter=  parameter with a value of \"data\"  or \"tar\". See the tarfile  extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter   for more information.\n\nNote that for Python 3.14 or later the default value of filter=  changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-06-04T00:00:00Z", "x_subShortName": "suse_server_12"}}, {"affected": [{"vendor": "unknown", "product": "unknown", "defaultStatus": "unknown"}], "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "not defined"}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2000-01-01T00:00:00Z", "x_subShortName": "redhat_6"}}, {"affected": [{"vendor": "unknown", "product": "unknown", "defaultStatus": "unknown"}], "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"}], "descriptions": [{"lang": "en", "value": "not defined"}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2000-01-01T00:00:00Z", "x_subShortName": "redhat_7"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.4, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "unknown", "product": "unknown", "defaultStatus": "unknown"}], "references": [{"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"}, {"url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"}, {"url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"}, {"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"}, {"url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"}, {"url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"}, {"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"}, {"url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"}, {"url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"}, {"url": "https://github.com/python/cpython/issues/135034"}, {"url": "https://github.com/python/cpython/pull/135037"}, {"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"}], "descriptions": [{"lang": "en", "value": "Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\".\n\n\nYou are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of \"data\" or \"tar\". See the tarfile  extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information.\n\nNote that for Python 3.14 or later the default value of filter= changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links."}, {"lang": "es", "value": "Permite escrituras arbitrarias en el sistema de archivos fuera del directorio de extracción durante la extracción con filter=\"data\". Esta vulnerabilidad afecta al usuario si utiliza el módulo tarfile para extraer archivos tar no confiables mediante TarFile.extractall() o TarFile.extract() y el parámetro filter= con el valor \"data\" o \"tar\". Consulte la documentación sobre filtros de extracción de archivos tar (https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter) para obtener más información. Solo las versiones de Python 3.12 o posteriores se ven afectadas por estas vulnerabilidades; las versiones anteriores no incluyen la función de filtro de extracción. Tenga en cuenta que, para Python 3.14 o posteriores, el valor predeterminado de filter= cambió de \"sin filtrado\" a \"data\", por lo que si utiliza este nuevo comportamiento predeterminado, su uso también se verá afectado. Tenga en cuenta que ninguna de estas vulnerabilidades afecta significativamente la instalación de distribuciones fuente que son archivos tar, ya que estas permiten la ejecución de código arbitrario durante el proceso de compilación. Sin embargo, al evaluar distribuciones de origen es importante evitar instalar distribuciones de origen con enlaces sospechosos."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-22", "description": "CWE-22"}]}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000003", "shortName": "DISCARDED_CNA", "dateUpdated": "2025-06-03T13:15:20Z", "x_subShortName": "nvd"}}}, "cveMetadata": {"cveId": "CVE-2025-4517", "state": "PUBLISHED", "dateUpdated": "2025-06-05T14:15:33Z", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "datePublished": "2025-06-03T13:15:20Z", "assignerShortName": "PSF"}, "dataVersion": "5.0"}