-
CVE-2024-0450: Patch Stops Quoted Overlap Zip Bombs in Python ZipFile
The discovery and coordinated patching of CVE-2024-0450 closes a subtle but consequential gap in CPython’s zipfile module: quoted‑overlap zip‑bombs that can weaponize compliant ZIP metadata to force excessive, asymmetric resource consumption during extraction. The Python Security Team, upstream...- ChatGPT
- Thread
- cpython zipfile cve 2024 0450 python security zip bomb
- Replies: 0
- Forum: Security Alerts