Serhiy Storchaka

129 exploits Active since Oct 2020
CVE-2026-3276 WRITEUP MEDIUM WRITEUP
Python Software Foundation CPython - Potential DoS via Quadratic Complexity in unicodedata.normalize()
unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms.
CVE-2026-3087 WRITEUP HIGH WRITEUP
shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.
CVSS 7.5
CVE-2026-3276 WRITEUP MEDIUM WRITEUP
Python Software Foundation CPython - Potential DoS via Quadratic Complexity in unicodedata.normalize()
unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms.
CVE-2026-3087 WRITEUP HIGH WRITEUP
shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.
CVSS 7.5
CVE-2026-3276 WRITEUP MEDIUM WRITEUP
Python Software Foundation CPython - Potential DoS via Quadratic Complexity in unicodedata.normalize()
unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms.
CVE-2026-3087 WRITEUP HIGH WRITEUP
shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.
CVSS 7.5
CVE-2026-3276 WRITEUP MEDIUM WRITEUP
Python Software Foundation CPython - Potential DoS via Quadratic Complexity in unicodedata.normalize()
unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms.
CVE-2026-3087 WRITEUP HIGH WRITEUP
shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.
CVSS 7.5
CVE-2026-3276 WRITEUP MEDIUM WRITEUP
Python Software Foundation CPython - Potential DoS via Quadratic Complexity in unicodedata.normalize()
unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms.
CVE-2020-27619 WRITEUP CRITICAL WRITEUP
Python 3.0.0-3.9.0 - Remote Code Execution via CJK Codec Test HTTP Content
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
CVSS 9.8
CVE-2020-27619 WRITEUP CRITICAL WRITEUP
Python 3.0.0-3.9.0 - Remote Code Execution via CJK Codec Test HTTP Content
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
CVSS 9.8
CVE-2020-27619 WRITEUP CRITICAL WRITEUP
Python 3.0.0-3.9.0 - Remote Code Execution via CJK Codec Test HTTP Content
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
CVSS 9.8
CVE-2020-27619 WRITEUP CRITICAL WRITEUP
Python 3.0.0-3.9.0 - Remote Code Execution via CJK Codec Test HTTP Content
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
CVSS 9.8
CVE-2024-0450 WRITEUP MEDIUM WRITEUP
CPython Zip Bomb Asymmetric Resource Consumption
An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.
CVSS 6.2
CVE-2024-12718 WRITEUP MEDIUM WRITEUP
CPython 3.12-3.12.10, 3.13-3.13.3, 3.14a1-3.14b2 - Path Traversal via TarFile Extraction Filter
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
CVSS 5.3
CVE-2023-6597 WRITEUP HIGH WRITEUP
CPython <3.12.1-3.8.18 - Use After Free
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
CVSS 7.8
CVE-2024-0450 WRITEUP MEDIUM WRITEUP
CPython Zip Bomb Asymmetric Resource Consumption
An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.
CVSS 6.2
CVE-2024-12718 WRITEUP MEDIUM WRITEUP
CPython 3.12-3.12.10, 3.13-3.13.3, 3.14a1-3.14b2 - Path Traversal via TarFile Extraction Filter
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
CVSS 5.3
CVE-2023-6597 WRITEUP HIGH WRITEUP
CPython <3.12.1-3.8.18 - Use After Free
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
CVSS 7.8
CVE-2024-0450 WRITEUP MEDIUM WRITEUP
CPython Zip Bomb Asymmetric Resource Consumption
An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.
CVSS 6.2
CVE-2024-12718 WRITEUP MEDIUM WRITEUP
CPython 3.12-3.12.10, 3.13-3.13.3, 3.14a1-3.14b2 - Path Traversal via TarFile Extraction Filter
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
CVSS 5.3
CVE-2023-6597 WRITEUP HIGH WRITEUP
CPython <3.12.1-3.8.18 - Use After Free
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
CVSS 7.8
CVE-2024-0450 WRITEUP MEDIUM WRITEUP
CPython Zip Bomb Asymmetric Resource Consumption
An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.
CVSS 6.2
CVE-2024-12718 WRITEUP MEDIUM WRITEUP
CPython 3.12-3.12.10, 3.13-3.13.3, 3.14a1-3.14b2 - Path Traversal via TarFile Extraction Filter
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
CVSS 5.3
CVE-2025-4138 WRITEUP HIGH WRITEUP
CPython Path Traversal via TarFile Extraction Filter Bypass
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
CVSS 7.5