CVE-2025-12084 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
PSF	CNA	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 31%

Vendor	Product	Version
python	python	𝑥 < 3.13.11
python	python	3.14.0 ≤ 𝑥 < 3.14.2
python	python	3.15.0:alpha1
python	python	3.15.0:alpha2

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

jython

questing	needs-triage
plucky	ignored
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

pypy3

questing	needs-triage
plucky	ignored
noble	needs-triage
jammy	needs-triage
focal	needs-triage

python2.7

questing	dne
plucky	dne
noble	dne
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	needs-triage

python3.4

questing	dne
plucky	dne
noble	dne
jammy	dne
trusty	needs-triage

python3.5

questing	dne
plucky	dne
noble	dne
jammy	dne
xenial	needs-triage
trusty	needs-triage

python3.6

questing	dne
plucky	dne
noble	dne
jammy	dne
bionic	needs-triage

python3.7

questing	dne
plucky	dne
noble	dne
jammy	dne
bionic	needs-triage

python3.8

questing	dne
plucky	dne
noble	dne
jammy	dne
focal	needs-triage
bionic	needs-triage

python3.9

questing	dne
plucky	dne
noble	dne
jammy	dne
focal	needs-triage

python3.10

questing	dne
plucky	dne
noble	dne
jammy	needs-triage

python3.11

questing	dne
plucky	dne
noble	dne
jammy	needs-triage

python3.12

questing	dne
plucky	dne
noble	needs-triage
jammy	dne

python3.13

questing	needs-triage
plucky	ignored
noble	dne
jammy	dne

python3.14

questing	needs-triage
plucky	dne
noble	dne
jammy	dne

Common Weakness Enumeration

CWE-407 - Inefficient Algorithmic Complexity
An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

Vulnerability Media Exposure

[GERMAN] cPython: Schwachstelle ermöglicht Denial of Service
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in cPython ausnutzen, um einen Denial of Service Angriff durchzuführen.
Published: 2025-12-03T23:00:00+00:00

References

https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0

https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4

https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437

https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af

https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273

https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907

https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d

https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8

https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964

https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53

https://github.com/python/cpython/issues/142145

https://github.com/python/cpython/pull/142146