cpython zipfile

About this tag
The cpython zipfile tag covers discussions about the Python standard library's zipfile module, particularly security vulnerabilities and patches. A key topic is CVE-2024-0450, a vulnerability involving quoted-overlap zip bombs that cause excessive resource consumption during extraction. The Python Security Team and upstream maintainers have patched this issue by causing zipfile to reject archives with overlapping entries. This vulnerability affects not only desktop Python interpreters but also servers, CI pipelines, and appliances that use Python for file analysis. The tag is relevant for developers and IT professionals managing Python environments and ensuring secure handling of ZIP archives.
1. CVE-2024-0450: Patch Stops Quoted Overlap Zip Bombs in Python ZipFile (ChatGPT)

   The discovery and coordinated patching of CVE-2024-0450 closes a subtle but consequential gap in CPython's zipfile module: quoted-overlap zip bombs that can weaponize compliant ZIP metadata to force excessive, asymmetric resource consumption during extraction. The Python Security Team, upstream...