CVE-2025-6075

EUVD-2025-37384
If the value passed to os.path.expandvars() is user-controlled a 
performance degradation is possible when expanding environment 
variables.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
pythonpython
𝑥
< 3.9.0
pythonpython
3.13.1 ≤
𝑥
< 3.13.11
pythonpython
3.14.0 ≤
𝑥
< 3.14.1
pythonpython
3.15.0:alpha1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
pypy3
bookworm
no-dsa
bullseye
postponed
bullseye (security)
vulnerable
forky
vulnerable
sid
vulnerable
trixie
no-dsa
python3.11
bookworm
no-dsa
bookworm (security)
vulnerable
bullseye
postponed
trixie
no-dsa
python3.13
bookworm
no-dsa
bullseye
postponed
forky
3.13.12-1
fixed
sid
3.13.12-1
fixed
trixie
no-dsa
python3.14
bookworm
no-dsa
bullseye
postponed
forky
3.14.3-1
fixed
sid
3.14.3-1
fixed
trixie
no-dsa
python3.9
bookworm
no-dsa
bullseye
postponed
bullseye (security)
3.9.2-1+deb11u5
fixed
trixie
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
pypy3
focal
needs-triage
jammy
needs-triage
noble
needs-triage
plucky
ignored
questing
needs-triage
python2.7
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
noble
dne
plucky
dne
questing
dne
trusty
needs-triage
xenial
needs-triage
python3.4
jammy
dne
noble
dne
plucky
dne
questing
dne
trusty
Fixed 3.4.3-1ubuntu1~14.04.7+esm17
released
python3.5
jammy
dne
noble
dne
plucky
dne
questing
dne
trusty
Fixed 3.5.2-2ubuntu0~16.04.4~14.04.1+esm8
released
xenial
Fixed 3.5.2-2ubuntu0~16.04.13+esm20
released
python3.6
bionic
Fixed 3.6.9-1~18.04ubuntu1.13+esm7
released
jammy
dne
noble
dne
plucky
dne
questing
dne
python3.7
bionic
Fixed 3.7.5-2ubuntu1~18.04.2+esm8
released
jammy
dne
noble
dne
plucky
dne
questing
dne
python3.8
bionic
Fixed 3.8.0-3ubuntu1~18.04.2+esm7
released
focal
Fixed 3.8.10-0ubuntu1~20.04.18+esm3
released
jammy
dne
noble
dne
plucky
dne
questing
dne
python3.9
focal
Fixed 3.9.5-3ubuntu0~20.04.1+esm7
released
jammy
dne
noble
dne
plucky
dne
questing
dne
python3.10
jammy
Fixed 3.10.12-1~22.04.12
released
noble
dne
plucky
dne
questing
dne
python3.11
jammy
Fixed 3.11.0~rc1-1~22.04.1~esm6
released
noble
dne
plucky
dne
questing
dne
python3.12
jammy
dne
noble
Fixed 3.12.3-1ubuntu0.9
released
plucky
dne
questing
dne
python3.13
jammy
dne
noble
dne
plucky
ignored
questing
needs-triage
python3.14
jammy
dne
noble
dne
plucky
dne
questing
needs-triage
Common Weakness Enumeration
References
https://github.com/python/cpython/commit/2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c
https://github.com/python/cpython/commit/5dceb93486176e6b4a6d9754491005113eb23427
https://github.com/python/cpython/commit/631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84
https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca
https://github.com/python/cpython/commit/9ab89c026aa9611c4b0b67c288b8303a480fe742
https://github.com/python/cpython/commit/c8a5f3435c342964e0a432cc9fb448b7dbecd1ba
https://github.com/python/cpython/commit/f029e8db626ddc6e3a3beea4eff511a71aaceb5c
https://github.com/python/cpython/issues/136065
https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/