CVE-2025-6075

EUVD-2025-37384
If the value passed to os.path.expandvars() is user-controlled a 
performance degradation is possible when expanding environment 
variables.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
pythonpython
𝑥
< 3.9.0
pythonpython
3.13.1 ≤
𝑥
< 3.13.11
pythonpython
3.14.0 ≤
𝑥
< 3.14.1
pythonpython
3.15.0:alpha1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
pypy3
bookworm
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
vulnerable
sid
vulnerable
trixie
vulnerable
python3.11
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
postponed
trixie
no-dsa
python3.13
bookworm
no-dsa
bullseye
postponed
forky
3.13.12-1
fixed
sid
3.13.12-1
fixed
trixie
vulnerable
python3.14
bookworm
no-dsa
bullseye
postponed
forky
3.14.3-3
fixed
sid
3.14.3-5
fixed
trixie
no-dsa
python3.9
bookworm
no-dsa
bullseye
vulnerable
bullseye (security)
3.9.2-1+deb11u5
fixed
trixie
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
pypy3
focal
needs-triage
jammy
needs-triage
noble
needs-triage
plucky
ignored
questing
needs-triage
python2.7
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
noble
dne
plucky
dne
questing
dne
trusty
needs-triage
xenial
needs-triage
python3.4
jammy
dne
noble
dne
plucky
dne
questing
dne
trusty
Fixed 3.4.3-1ubuntu1~14.04.7+esm17
released
python3.5
jammy
dne
noble
dne
plucky
dne
questing
dne
trusty
Fixed 3.5.2-2ubuntu0~16.04.4~14.04.1+esm8
released
xenial
Fixed 3.5.2-2ubuntu0~16.04.13+esm20
released
python3.6
bionic
Fixed 3.6.9-1~18.04ubuntu1.13+esm7
released
jammy
dne
noble
dne
plucky
dne
questing
dne
python3.7
bionic
Fixed 3.7.5-2ubuntu1~18.04.2+esm8
released
jammy
dne
noble
dne
plucky
dne
questing
dne
python3.8
bionic
Fixed 3.8.0-3ubuntu1~18.04.2+esm7
released
focal
Fixed 3.8.10-0ubuntu1~20.04.18+esm3
released
jammy
dne
noble
dne
plucky
dne
questing
dne
python3.9
focal
Fixed 3.9.5-3ubuntu0~20.04.1+esm7
released
jammy
dne
noble
dne
plucky
dne
questing
dne
python3.10
jammy
Fixed 3.10.12-1~22.04.12
released
noble
dne
plucky
dne
questing
dne
python3.11
jammy
Fixed 3.11.0~rc1-1~22.04.1~esm6
released
noble
dne
plucky
dne
questing
dne
python3.12
jammy
dne
noble
Fixed 3.12.3-1ubuntu0.9
released
plucky
dne
questing
dne
python3.13
jammy
dne
noble
dne
plucky
ignored
questing
Fixed 3.13.7-1ubuntu0.1
released
python3.14
jammy
dne
noble
dne
plucky
dne
questing
needs-triage
Common Weakness Enumeration
References
https://github.com/python/cpython/commit/2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c
https://github.com/python/cpython/commit/5dceb93486176e6b4a6d9754491005113eb23427
https://github.com/python/cpython/commit/631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84
https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca
https://github.com/python/cpython/commit/9ab89c026aa9611c4b0b67c288b8303a480fe742
https://github.com/python/cpython/commit/c8a5f3435c342964e0a432cc9fb448b7dbecd1ba
https://github.com/python/cpython/commit/f029e8db626ddc6e3a3beea4eff511a71aaceb5c
https://github.com/python/cpython/issues/136065
https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/