CVE-2025-6075 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Vector
NIST	NIST	UNKNOWN	---
PSF	CNA	---	---
CISA-ADP	ADP	---	---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Debian Releases

Debian Product

Codename

pypy3

bullseye	postponed
trixie	no-dsa
bookworm	no-dsa
bullseye (security)	vulnerable
forky	vulnerable
sid	vulnerable

python3.11

bookworm	no-dsa
trixie	no-dsa
bullseye	postponed
bookworm (security)	vulnerable

python3.13

trixie	no-dsa
bookworm	no-dsa
bullseye	postponed
forky	3.13.11-1 fixed
sid	3.13.11-1 fixed

python3.14

forky	3.14.2-1 fixed
sid	3.14.2-1 fixed
trixie	no-dsa
bookworm	no-dsa
bullseye	postponed

python3.9

bullseye	postponed
trixie	no-dsa
bookworm	no-dsa
bullseye (security)	vulnerable

Ubuntu Releases

Ubuntu Product

Codename

pypy3

questing	needs-triage
plucky	needs-triage
noble	needs-triage
jammy	needs-triage
focal	needs-triage

python2.7

questing	dne
plucky	dne
noble	dne
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	needs-triage

python3.4

questing	dne
plucky	dne
noble	dne
jammy	dne
trusty	Fixed 3.4.3-1ubuntu1~14.04.7+esm17 released

python3.5

questing	dne
plucky	dne
noble	dne
jammy	dne
xenial	Fixed 3.5.2-2ubuntu0~16.04.13+esm20 released
trusty	Fixed 3.5.2-2ubuntu0~16.04.4~14.04.1+esm8 released

python3.6

questing	dne
plucky	dne
noble	dne
jammy	dne
bionic	Fixed 3.6.9-1~18.04ubuntu1.13+esm7 released

python3.7

questing	dne
plucky	dne
noble	dne
jammy	dne
bionic	Fixed 3.7.5-2ubuntu1~18.04.2+esm8 released

python3.8

questing	dne
plucky	dne
noble	dne
jammy	dne
focal	Fixed 3.8.10-0ubuntu1~20.04.18+esm3 released
bionic	Fixed 3.8.0-3ubuntu1~18.04.2+esm7 released

python3.9

questing	dne
plucky	dne
noble	dne
jammy	dne
focal	Fixed 3.9.5-3ubuntu0~20.04.1+esm7 released

python3.10

questing	dne
plucky	dne
noble	dne
jammy	Fixed 3.10.12-1~22.04.12 released

python3.11

questing	dne
plucky	dne
noble	dne
jammy	Fixed 3.11.0~rc1-1~22.04.1~esm6 released

python3.12

questing	dne
plucky	dne
noble	Fixed 3.12.3-1ubuntu0.9 released
jammy	dne

python3.13

questing	Fixed 3.13.7-1ubuntu0.1 released
plucky	Fixed 3.13.3-1ubuntu0.4 released
noble	dne
jammy	dne

python3.14

questing	needs-triage
plucky	dne
noble	dne
jammy	dne

Common Weakness Enumeration

CWE-400 - Uncontrolled Resource Consumption
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Vulnerability Media Exposure

[GERMAN] CPython: Schwachstelle ermöglicht Denial of Service
Ein lokaler Angreifer kann eine Schwachstelle in CPython ausnutzen, um einen Denial of Service Angriff durchzuführen.
Published: 2025-11-02T23:00:00+00:00

References

https://github.com/python/cpython/commit/2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c

https://github.com/python/cpython/commit/5dceb93486176e6b4a6d9754491005113eb23427

https://github.com/python/cpython/commit/631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84

https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca

https://github.com/python/cpython/commit/9ab89c026aa9611c4b0b67c288b8303a480fe742

https://github.com/python/cpython/commit/c8a5f3435c342964e0a432cc9fb448b7dbecd1ba

https://github.com/python/cpython/commit/f029e8db626ddc6e3a3beea4eff511a71aaceb5c

https://github.com/python/cpython/issues/136065

https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/