CVE CyberSecurity Database News - Latest cybersecurity news and CVE details

Python Software Foundation

Mar 19, 2024 Python Software Foundation CPython

CVE-2024-0450: Patch for CPython `zipfile` module fixing "quoted-overlap" zip-bombs vulnerability

A recent security issue has been discovered in the CPython zipfile module, affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.

Mar 19, 2024 Exploit Python Software Foundation CPython

CVE-2023-6597 - `tempfile.TemporaryDirectory` Symlink Dereference Vulnerability in CPython

A new security vulnerability (CVE-2023-6597) was discovered in the CPython tempfile.TemporaryDirectory class, affecting several versions, including 3.12.1, 3.11.7, 3.10.