[CVE-2024-6232] Regular-expression DoS when parsing TarFile headers
![](https://secure.gravatar.com/avatar/b5a0900288ad3a29fd4a5ef260486055.jpg?s=120&d=mm&r=g)
Sept. 3, 2024
5:30 a.m.
There is a MEDIUM severity vulnerability affecting CPython.
Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.
Please see the linked CVE ID for the latest information on affected versions:
164
Age (days ago)
164
Last active (days ago)
0 comments
1 participants
participants (1)
-
Seth Larson