RHSA-2025:23342MediumCVSS 4.3
Red Hat Security Advisory: python3.9 security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2024-5642 — python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2025-6069 — cpython: Python HTMLParser quadratic complexity CVE-2025-6075 — python: Quadratic complexity in os.path.expandvars() with user-controlled template CVE-2025-8291 — cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
🔗 References (8)
- selfhttps://access.redhat.com/errata/RHSA-2025:23342
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2294682
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2373234
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2402342
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2408891
- externalhttps://issues.redhat.com/browse/RHEL-128538
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23342.json