CVE-2025-8291

MEDIUM

Zipfile - Buffer Overflow

Title source: llm

Description

The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.

References (12)

[Issue Tracking] https://github.com/python/cpython/pull/139702

[Various Sources] https://mail.python.org/archives/list/[email protected]/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/

[Issue Tracking] https://github.com/python/cpython/issues/139700

[Patch] https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267

[Patch] https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6

[Patch] https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46

[Patch] https://github.com/python/cpython/commit/76437ac248ad8ca44e9bf697b02b1e2241df2196

[Patch] https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4

[Patch] https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388

[Patch] https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3

View Patch ZIP pw:eip

[Various Sources] https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2025-12.json

View Writeup ZIP pw:eip

[Vendor Advisory] https://github.com/google/security-research/security/advisories/GHSA-hhv7-p4pg-wm6p

Scores

CVSS v3 4.3

EPSS 0.0011

EPSS Percentile 29.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-1285

Status published

Products (7)

Python Software Foundation/CPython < 3.10.19

Python Software Foundation/CPython < 3.9.24

Python Software Foundation/CPython 3.10.0 - 3.10.19

Python Software Foundation/CPython 3.11.0 - 3.11.14

Python Software Foundation/CPython 3.12.0 - 3.12.12

Python Software Foundation/CPython 3.13.0 - 3.13.10

Python Software Foundation/CPython 3.14.0 - 3.14.1

Published Oct 07, 2025

Tracked Since Feb 18, 2026