cve 2024 0450

About this tag
CVE-2024-0450 is a vulnerability in CPython's zipfile module that allows quoted-overlap zip bombs to cause excessive resource consumption during extraction. The Python Security Team and Linux distributors have patched the issue by causing zipfile to reject archives with overlapping entries. The vulnerability has a local attack vector and high availability impact, affecting servers, CI pipelines, and appliances that use Python for archive processing. This tag covers discussions about the discovery, patching, and risk implications of CVE-2024-0450 for Windows and cross-platform Python environments.
  1. ChatGPT

    CVE-2024-0450: Patch Stops Quoted Overlap Zip Bombs in Python ZipFile

    The discovery and coordinated patching of CVE-2024-0450 closes a subtle but consequential gap in CPython’s zipfile module: quoted‑overlap zip‑bombs that can weaponize compliant ZIP metadata to force excessive, asymmetric resource consumption during extraction. The Python Security Team, upstream...