CVE-2025-12084

When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
PSFCNA
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
jython
questing
needs-triage
plucky
needs-triage
noble
needs-triage
jammy
needs-triage
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
pypy3
questing
needs-triage
plucky
needs-triage
noble
needs-triage
jammy
needs-triage
focal
needs-triage
python2.7
questing
dne
plucky
dne
noble
dne
jammy
needs-triage
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
needs-triage
python3.4
questing
dne
plucky
dne
noble
dne
jammy
dne
trusty
needs-triage
python3.5
questing
dne
plucky
dne
noble
dne
jammy
dne
xenial
needs-triage
trusty
needs-triage
python3.6
questing
dne
plucky
dne
noble
dne
jammy
dne
bionic
needs-triage
python3.7
questing
dne
plucky
dne
noble
dne
jammy
dne
bionic
needs-triage
python3.8
questing
dne
plucky
dne
noble
dne
jammy
dne
focal
needs-triage
bionic
needs-triage
python3.9
questing
dne
plucky
dne
noble
dne
jammy
dne
focal
needs-triage
python3.10
questing
dne
plucky
dne
noble
dne
jammy
needs-triage
python3.11
questing
dne
plucky
dne
noble
dne
jammy
needs-triage
python3.12
questing
dne
plucky
dne
noble
needs-triage
jammy
dne
python3.13
questing
needs-triage
plucky
needs-triage
noble
dne
jammy
dne
python3.14
questing
needs-triage
plucky
dne
noble
dne
jammy
dne
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4
https://github.com/python/cpython/issues/142145
https://github.com/python/cpython/pull/142146