CVE-2024-8088 Infinite loop when iterating over zip archive entry names from zipfile.Path

Published: 2024-08-22 18:45:31
CWE: CWE-835
CNA: PSF
Source: www.cve.org
Tags: cpython, zipfile, vulnerability, zip archive, infinite loop, metadata

CVSS 4.0 base score: 8.7
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N/S:N/AU:N/R:U/RE:L

EPSS: 0.001 (percentile 17.8%)

There is a HIGH severity vulnerability affecting the CPython "zipfile" module, specifically "zipfile.Path". Note that the more common "zipfile.ZipFile" class is unaffected.

When iterating over the names of entries in a zip archive (for example, via methods of "zipfile.Path" such as "namelist()", "iterdir()", etc.), the process can be put into an infinite loop by a maliciously crafted zip archive. This defect applies both when reading only metadata and when extracting the contents of the zip archive. Programs that do not handle user-controlled zip archives are not affected.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "CPython",
    "repo": "https://github.com/python/cpython",
    "vendor": "Python Software Foundation",
    "versions": [
      {
        "version": "0",
        "lessThan": "3.8.20",
        "status": "affected",
        "versionType": "python"
      },
      {
        "version": "3.9.0",
        "lessThan": "3.9.20",
        "status": "affected",
        "versionType": "python"
      },
      {
        "version": "3.10.0",
        "lessThan": "3.10.15",
        "status": "affected",
        "versionType": "python"
      },
      {
        "version": "3.11.0",
        "lessThan": "3.11.10",
        "status": "affected",
        "versionType": "python"
      },
      {
        "version": "3.12.0",
        "lessThan": "3.12.6",
        "status": "affected",
        "versionType": "python"
      },
      {
        "version": "3.13.0a1",
        "lessThan": "3.13.0rc2",
        "status": "affected",
        "versionType": "python"
      }
    ]
  }
]
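As an added example (not part of the CVE record or of CPython itself), the following checks whether a CPython version string, or the running interpreter, falls inside the affected ranges from the CNA list above, so a service that hands untrusted archives to zipfile.Path can refuse to do so on an unpatched runtime. The range constants are copied from the record; the comparison handles the a/b/rc pre-release tags that appear in the 3.13 range.

```python
import re
import sys

# Affected ranges copied from the CNA "versions" list of this CVE record:
# each entry is [version, lessThan) in CPython's own version notation.
CNA_VERSIONS = [
    ("0", "3.8.20"),
    ("3.9.0", "3.9.20"),
    ("3.10.0", "3.10.15"),
    ("3.11.0", "3.11.10"),
    ("3.12.0", "3.12.6"),
    ("3.13.0a1", "3.13.0rc2"),
]

_VER_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:(a|b|rc)(\d+))?$")
_PRE_RANK = {"a": 0, "b": 1, "rc": 2}  # final releases get rank 3 below
_LEVEL_TAG = {"alpha": "a", "beta": "b", "candidate": "rc", "final": ""}


def parse_version(text):
    """Map 'X.Y.Z[aN|bN|rcN]' to a tuple that sorts like CPython releases."""
    m = _VER_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised CPython version: {text!r}")
    major, minor, micro, tag, num = m.groups()
    # A final release sorts after every pre-release of the same X.Y.Z.
    pre = (_PRE_RANK[tag], int(num)) if tag else (3, 0)
    return (int(major), int(minor or 0), int(micro or 0)) + pre


def is_affected(version_text, ranges=CNA_VERSIONS):
    """True if version_text lies in any [version, lessThan) range of the record."""
    v = parse_version(version_text)
    return any(parse_version(lo) <= v < parse_version(hi) for lo, hi in ranges)


def running_interpreter_version():
    """Render sys.version_info in the notation the CNA list uses."""
    vi = sys.version_info
    suffix = _LEVEL_TAG[vi.releaselevel]
    if suffix:
        suffix += str(vi.serial)
    return f"{vi.major}.{vi.minor}.{vi.micro}{suffix}"


if __name__ == "__main__":
    here = running_interpreter_version()
    state = "affected" if is_affected(here) else "not affected"
    print(f"CPython {here} is {state} by CVE-2024-8088 (zipfile.Path)")
```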
