[Security-announce][CVE-2024-6232] Regular-expression DoS when parsing TarFile headers

Sept. 3, 2024


      There is a MEDIUM severity vulnerability affecting CPython.
Regular expressions that allowed excessive backtracking during
tarfile.TarFile header parsing are vulnerable to ReDoS via
specifically-crafted tar archives.
Please see the linked CVE ID for the latest information on affected
versions:

https://www.cve.org/CVERecord?id=CVE-2024-6232
https://github.com/python/cpython/pull/121286

[Security-announce][CVE-2024-6232] Regular-expression DoS when parsing TarFile headers

Seth Larson