[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-0450":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":19,"aliases":20,"duplicate_of":9,"upstream":21,"downstream":22,"duplicates":95,"related":96,"reserved_at":9,"published_at":129,"modified_at":130,"state":131,"summary":132,"references_raw":141,"kevs":218,"epss":219,"epss_history":222,"metrics":487,"affected":495},"CVE-2024-0450","An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.\n\n",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-405","Asymmetric Resource Consumption (Amplification)","The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is \"asymmetric.\"","weakness","Incomplete","Class",[],[],[],[],[23,25,27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93],{"_key":24},"ALPINE-CVE-2024-0450",{"_key":26},"OPENSUSE-SU-2024:13794-1",{"_key":28},"SUSE-SU-2024:1774-1",{"_key":30},"SUSE-SU-2024:1843-1",{"_key":32},"SUSE-SU-2024:1844-1",{"_key":34},"SUSE-SU-2024:1847-1",{"_key":36},"SUSE-SU-2024:1009-1",{"_key":38},"SUSE-SU-2024:1162-1",{"_key":40},"SUSE-SU-2024:1556-1",{"_key":42},"SUSE-SU-2024:1862-1",{"_key":44},"SUSE-SU-2024:2479-1",{"_key":46},"OPENSUSE-SU-2024:13790-1",{"_key":48},"OPENSUSE-SU-2024:13799-1",{"_key":50},"OPENSUSE-SU-2024:13800-1",{"_key":52},"OPENSUSE-SU-2024:13983-1",{"_key":54},"DLA-3771-1",{"_key":56},"DLA-3772-1",{"_key":58},"DLA-3948-1",{"_key":60},"DLA-3980-1",{"_key":62},"SUSE-SU-2025:20025-1",{"_key":64},"SUSE-SU-2025:20154-1",{"_key":66},"SUSE-SU-2025:20374-1",{"_key":68},"MGASA-2024-0096",{"_key":70},"USN-7212-1",{"_key":72},"DEBIAN-CVE-2024-0450",{"_key":74},"RHSA-2024:3347",{"_key":76},"RHSA-2024:3391",{"_key":78},"RHSA-2024:4058",{"_key":80},"RHSA-2024:4078",{"_key":82},"RHSA-2024:4243",{"_key":84},"RHSA-2024:4406",{"_key":86},"RHSA-2024:9190",{"_key":88},"RHSA-2024:9192",{"_key":90},"UBUNTU-CVE-2024-0450",{"_key":92},"USN-6891-1",{"_key":94},"RHSA-2024:3466",[],[97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,117,119,121,123,125,127],{"_key":26},{"_key":68},{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":50},{"_key":52},{"_key":62},{"_key":64},{"_key":66},{"_key":116},"CGA-4VJW-WWQ7-F66H",{"_key":118},"CGA-5PMM-MMG3-PFP3",{"_key":120},"CGA-G26P-7GX3-GCGW",{"_key":122},"CGA-P85W-JMJJ-G7HV",{"_key":124},"CGA-PRXP-F49F-C242",{"_key":126},"CGA-XV5J-X8P3-PHRW",{"_key":128},"CGA-93C7-PMH4-F4M2","2024-03-19T15:12:07.789Z","2025-11-03T21:50:58.107Z","Deferred",{"cisa_kev":133,"cisa_ransomware":133,"cisa_vendor":9,"epss_severity":134,"epss_score":135,"severity":136,"severity_score":137,"severity_version":138,"severity_source":139,"severity_vector":140,"severity_status":131},false,"low",0.00153,"medium",6.2,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[142,148,152,156,160,164,168,173,177,182,186,190,194,198,202,206,210,214],{"url":143,"sources":144,"tags":146},"https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba",[139,145],"nvd",[147],"Patch",{"url":149,"sources":150,"tags":151},"https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b",[139,145],[147],{"url":153,"sources":154,"tags":155},"https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549",[139,145],[147],{"url":157,"sources":158,"tags":159},"https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85",[139,145],[147],{"url":161,"sources":162,"tags":163},"https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51",[139,145],[147],{"url":165,"sources":166,"tags":167},"https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183",[139,145],[147],{"url":169,"sources":170,"tags":171},"https://github.com/python/cpython/issues/109858",[139,145],[172],"Issue Tracking",{"url":174,"sources":175,"tags":176},"https://www.bamsoftware.com/hacks/zipbomb/",[139,145],[],{"url":178,"sources":179,"tags":180},"https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/",[139,145],[181],"Vendor Advisory",{"url":183,"sources":184,"tags":185},"https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html",[139,145],[],{"url":187,"sources":188,"tags":189},"https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html",[139,145],[],{"url":191,"sources":192,"tags":193},"http://www.openwall.com/lists/oss-security/2024/03/20/5",[139,145],[],{"url":195,"sources":196,"tags":197},"https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675",[139,145],[147],{"url":199,"sources":200,"tags":201},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/",[139,145],[],{"url":203,"sources":204,"tags":205},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/",[139,145],[],{"url":207,"sources":208,"tags":209},"https://security.netapp.com/advisory/ntap-20250411-0005/",[139,145],[],{"url":211,"sources":212,"tags":213},"https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html",[139,145],[],{"url":215,"sources":216,"tags":217},"https://lists.debian.org/debian-lts-announce/2024/11/msg00005.html",[139,145],[],[],{"date":220,"score":135,"percentile":221},"2026-06-04",0.35636,[223,227,230,233,236,239,242,245,248,251,254,257,259,262,265,269,272,275,278,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,328,331,334,337,340,343,346,349,351,354,357,360,363,366,368,371,374,376,379,383,386,389,392,395,398,401,404,407,410,413,416,419,422,424,427,430,433,436,438,440,443,446,449,452,455,458,461,464,467,470,473,476,479,481,484],{"date":224,"score":225,"percentile":226},"2025-11-04",0.00148,0.35935,{"date":228,"score":225,"percentile":229},"2025-11-05",0.35923,{"date":231,"score":225,"percentile":232},"2025-11-06",0.3592,{"date":234,"score":225,"percentile":235},"2025-11-07",0.35949,{"date":237,"score":225,"percentile":238},"2025-11-08",0.35941,{"date":240,"score":225,"percentile":241},"2025-11-09",0.35926,{"date":243,"score":225,"percentile":244},"2025-11-10",0.35894,{"date":246,"score":225,"percentile":247},"2025-11-11",0.35921,{"date":249,"score":225,"percentile":250},"2025-11-12",0.3596,{"date":252,"score":225,"percentile":253},"2025-11-13",0.35975,{"date":255,"score":225,"percentile":256},"2025-11-14",0.35979,{"date":258,"score":225,"percentile":256},"2025-11-15",{"date":260,"score":225,"percentile":261},"2025-11-16",0.35958,{"date":263,"score":225,"percentile":264},"2025-11-17",0.35934,{"date":266,"score":267,"percentile":268},"2025-11-18",0.00094,0.2254,{"date":270,"score":267,"percentile":271},"2025-11-19",0.22553,{"date":273,"score":267,"percentile":274},"2025-11-20",0.2256,{"date":276,"score":225,"percentile":277},"2025-11-21",0.35946,{"date":279,"score":225,"percentile":235},"2025-11-22",{"date":281,"score":225,"percentile":282},"2025-11-23",0.35917,{"date":284,"score":225,"percentile":285},"2025-11-24",0.35897,{"date":287,"score":225,"percentile":288},"2025-11-25",0.35899,{"date":290,"score":225,"percentile":291},"2025-11-26",0.35896,{"date":293,"score":225,"percentile":294},"2025-11-27",0.35906,{"date":296,"score":225,"percentile":297},"2025-11-28",0.35884,{"date":299,"score":225,"percentile":300},"2025-11-29",0.35867,{"date":302,"score":225,"percentile":303},"2025-11-30",0.35853,{"date":305,"score":225,"percentile":306},"2025-12-01",0.35964,{"date":308,"score":225,"percentile":309},"2025-12-02",0.35972,{"date":311,"score":225,"percentile":312},"2025-12-03",0.35969,{"date":314,"score":225,"percentile":315},"2025-12-04",0.35844,{"date":317,"score":225,"percentile":318},"2025-12-05",0.35874,{"date":320,"score":225,"percentile":321},"2025-12-06",0.35862,{"date":323,"score":225,"percentile":324},"2025-12-07",0.35832,{"date":326,"score":225,"percentile":327},"2025-12-08",0.35847,{"date":329,"score":225,"percentile":330},"2025-12-09",0.35886,{"date":332,"score":225,"percentile":333},"2025-12-10",0.35942,{"date":335,"score":225,"percentile":336},"2025-12-11",0.35968,{"date":338,"score":225,"percentile":339},"2025-12-12",0.36002,{"date":341,"score":225,"percentile":342},"2025-12-13",0.35981,{"date":344,"score":225,"percentile":345},"2025-12-14",0.35952,{"date":347,"score":225,"percentile":348},"2025-12-15",0.35912,{"date":350,"score":225,"percentile":333},"2025-12-16",{"date":352,"score":225,"percentile":353},"2025-12-17",0.3599,{"date":355,"score":225,"percentile":356},"2025-12-18",0.36032,{"date":358,"score":225,"percentile":359},"2025-12-19",0.36049,{"date":361,"score":225,"percentile":362},"2025-12-20",0.36029,{"date":364,"score":225,"percentile":365},"2025-12-21",0.35977,{"date":367,"score":225,"percentile":345},"2025-12-22",{"date":369,"score":225,"percentile":370},"2025-12-23",0.35947,{"date":372,"score":225,"percentile":373},"2025-12-24",0.35939,{"date":375,"score":225,"percentile":339},"2025-12-25",{"date":377,"score":225,"percentile":378},"2025-12-26",0.35982,{"date":380,"score":381,"percentile":382},"2025-12-27",0.00137,0.34301,{"date":384,"score":381,"percentile":385},"2025-12-28",0.34198,{"date":387,"score":381,"percentile":388},"2025-12-29",0.34165,{"date":390,"score":381,"percentile":391},"2025-12-30",0.34155,{"date":393,"score":381,"percentile":394},"2025-12-31",0.34206,{"date":396,"score":381,"percentile":397},"2026-01-01",0.34359,{"date":399,"score":381,"percentile":400},"2026-01-02",0.34351,{"date":402,"score":381,"percentile":403},"2026-01-03",0.34337,{"date":405,"score":381,"percentile":406},"2026-01-04",0.34189,{"date":408,"score":381,"percentile":409},"2026-01-05",0.34171,{"date":411,"score":381,"percentile":412},"2026-01-06",0.3418,{"date":414,"score":381,"percentile":415},"2026-01-07",0.34196,{"date":417,"score":381,"percentile":418},"2026-01-08",0.34223,{"date":420,"score":381,"percentile":421},"2026-01-09",0.34221,{"date":423,"score":381,"percentile":418},"2026-01-10",{"date":425,"score":381,"percentile":426},"2026-01-11",0.34202,{"date":428,"score":381,"percentile":429},"2026-01-12",0.34136,{"date":431,"score":381,"percentile":432},"2026-01-13",0.34122,{"date":434,"score":381,"percentile":435},"2026-01-14",0.34161,{"date":437,"score":225,"percentile":300},"2026-01-15",{"date":439,"score":225,"percentile":330},"2026-01-16",{"date":441,"score":225,"percentile":442},"2026-01-17",0.35869,{"date":444,"score":225,"percentile":445},"2026-01-18",0.35811,{"date":447,"score":225,"percentile":448},"2026-01-19",0.35771,{"date":450,"score":225,"percentile":451},"2026-01-20",0.35753,{"date":453,"score":225,"percentile":454},"2026-01-21",0.35734,{"date":456,"score":225,"percentile":457},"2026-01-22",0.35719,{"date":459,"score":225,"percentile":460},"2026-01-23",0.35777,{"date":462,"score":225,"percentile":463},"2026-01-24",0.35787,{"date":465,"score":225,"percentile":466},"2026-01-25",0.35732,{"date":468,"score":225,"percentile":469},"2026-01-26",0.35665,{"date":471,"score":225,"percentile":472},"2026-01-27",0.35658,{"date":474,"score":135,"percentile":475},"2026-01-28",0.36223,{"date":477,"score":135,"percentile":478},"2026-01-29",0.362,{"date":480,"score":135,"percentile":478},"2026-01-30",{"date":482,"score":135,"percentile":483},"2026-01-31",0.36208,{"date":485,"score":135,"percentile":486},"2026-02-01",0.36318,[488,493],{"source":139,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":489,"cvss_v4_0":9},{"baseScore":137,"baseSeverity":490,"vectorString":140,"impactScore":491,"exploitabilityScore":492},"MEDIUM",6,6.4,{"source":145,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":494,"cvss_v4_0":9},{"baseScore":137,"baseSeverity":490,"vectorString":140,"impactScore":491,"exploitabilityScore":492},[496],{"ecosystem":9,"name":497,"vendor":498,"product":499,"cpe_part":500,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"CPython","python software foundation","cpython","a",[502,507,512,516,520,524],{"version":503,"is_range":504,"range_type":139,"version_start":9,"version_start_type":9,"version_end":505,"version_end_type":506,"fixed_in":9},"\u003C 3.8.19",true,"3.8.19","excluding",{"version":508,"is_range":504,"range_type":139,"version_start":509,"version_start_type":510,"version_end":511,"version_end_type":506,"fixed_in":9},">= 3.9.0, \u003C 3.9.19","3.9.0","including","3.9.19",{"version":513,"is_range":504,"range_type":139,"version_start":514,"version_start_type":510,"version_end":515,"version_end_type":506,"fixed_in":9},">= 3.10.0, \u003C 3.10.14","3.10.0","3.10.14",{"version":517,"is_range":504,"range_type":139,"version_start":518,"version_start_type":510,"version_end":519,"version_end_type":506,"fixed_in":9},">= 3.11.0, \u003C 3.11.8","3.11.0","3.11.8",{"version":521,"is_range":504,"range_type":139,"version_start":522,"version_start_type":510,"version_end":523,"version_end_type":506,"fixed_in":9},">= 3.12.0, \u003C 3.12.2","3.12.0","3.12.2",{"version":525,"is_range":504,"range_type":139,"version_start":526,"version_start_type":510,"version_end":527,"version_end_type":506,"fixed_in":9},">= 3.13.0a1, \u003C 3.13.0a3","3.13.0a1","3.13.0a3"]