[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-5569":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":19,"aliases":20,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":54,"related":55,"reserved_at":9,"published_at":71,"modified_at":72,"state":73,"summary":74,"references_raw":83,"kevs":105,"epss":106,"epss_history":109,"metrics":369,"affected":382},"CVE-2024-5569","A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-835","Loop with Unreachable Exit Condition ('Infinite Loop')","The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.","weakness","Incomplete","Base",[],[],[21],"GHSA-jfmj-5v4g-7637",[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52],{"_key":25},"SUSE-SU-2024:4020-1",{"_key":27},"SUSE-SU-2024:4021-1",{"_key":29},"SUSE-SU-2024:4029-1",{"_key":31},"UBUNTU-CVE-2024-5569",{"_key":33},"USN-6906-1",{"_key":35},"SUSE-SU-2024:2397-1",{"_key":37},"SUSE-SU-2024:2400-1",{"_key":39},"OPENSUSE-SU-2024:14167-1",{"_key":41},"DEBIAN-CVE-2024-5569",{"_key":43},"MGASA-2025-0066",{"_key":45},"RHSA-2024:6428",{"_key":47},"RHSA-2024:8232",{"_key":49},"RHSA-2024:8906",{"_key":51},"RHSA-2024:9977",{"_key":53},"RHSA-2024:8418",[],[56,57,58,59,60,61,62,63,65,67,69],{"_key":25},{"_key":27},{"_key":29},{"_key":35},{"_key":37},{"_key":39},{"_key":43},{"_key":64},"CGA-69GM-MRF8-5MJ6",{"_key":66},"CGA-7GXW-GX69-9QPC",{"_key":68},"CGA-FVPQ-C5RC-92H6",{"_key":70},"CGA-WHXJ-3QWV-XG56","2024-07-09T00:00:14.522Z","2025-10-15T12:50:27.929Z","Deferred",{"cisa_kev":75,"cisa_ransomware":75,"cisa_vendor":9,"epss_severity":76,"epss_score":77,"severity":78,"severity_score":79,"severity_version":80,"severity_source":81,"severity_vector":82,"severity_status":73},false,"low",0.00016,"medium",6.2,"v3.0","cve.org","CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[84,91,95,100],{"url":85,"sources":86,"tags":89},"https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae",[81,87,88],"nvd","osv_pypi",[90],"WEB",{"url":92,"sources":93,"tags":94},"https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd",[81,87,88],[90],{"url":96,"sources":97,"tags":98},"https://nvd.nist.gov/vuln/detail/CVE-2024-5569",[88],[99],"Advisory",{"url":101,"sources":102,"tags":103},"https://github.com/jaraco/zipp",[88],[104],"PACKAGE",[],{"date":107,"score":77,"percentile":108},"2026-06-04",0.03944,[110,113,116,119,122,125,128,131,134,137,140,143,146,149,152,156,159,162,165,168,171,174,177,180,183,186,189,192,195,198,201,204,207,210,213,216,219,222,225,228,231,233,236,239,241,244,247,249,252,254,257,260,263,266,269,272,275,278,281,284,287,290,292,294,297,300,303,306,309,312,314,316,318,321,324,327,330,333,336,339,341,344,347,350,353,356,358,361,363,366],{"date":111,"score":77,"percentile":112},"2025-11-04",0.02585,{"date":114,"score":77,"percentile":115},"2025-11-05",0.0261,{"date":117,"score":77,"percentile":118},"2025-11-06",0.02637,{"date":120,"score":77,"percentile":121},"2025-11-07",0.02648,{"date":123,"score":77,"percentile":124},"2025-11-08",0.02656,{"date":126,"score":77,"percentile":127},"2025-11-09",0.02658,{"date":129,"score":77,"percentile":130},"2025-11-10",0.02631,{"date":132,"score":77,"percentile":133},"2025-11-11",0.02646,{"date":135,"score":77,"percentile":136},"2025-11-12",0.0266,{"date":138,"score":77,"percentile":139},"2025-11-13",0.02707,{"date":141,"score":77,"percentile":142},"2025-11-14",0.02728,{"date":144,"score":77,"percentile":145},"2025-11-15",0.02753,{"date":147,"score":77,"percentile":148},"2025-11-16",0.02752,{"date":150,"score":77,"percentile":151},"2025-11-17",0.0274,{"date":153,"score":154,"percentile":155},"2025-11-18",0.00072,0.18001,{"date":157,"score":154,"percentile":158},"2025-11-19",0.18017,{"date":160,"score":154,"percentile":161},"2025-11-20",0.17992,{"date":163,"score":77,"percentile":164},"2025-11-21",0.02827,{"date":166,"score":77,"percentile":167},"2025-11-22",0.02824,{"date":169,"score":77,"percentile":170},"2025-11-23",0.02819,{"date":172,"score":77,"percentile":173},"2025-11-24",0.02807,{"date":175,"score":77,"percentile":176},"2025-11-25",0.02788,{"date":178,"score":77,"percentile":179},"2025-11-26",0.02767,{"date":181,"score":77,"percentile":182},"2025-11-27",0.02764,{"date":184,"score":77,"percentile":185},"2025-11-28",0.02772,{"date":187,"score":77,"percentile":188},"2025-11-29",0.02826,{"date":190,"score":77,"percentile":191},"2025-11-30",0.02828,{"date":193,"score":77,"percentile":194},"2025-12-01",0.029,{"date":196,"score":77,"percentile":197},"2025-12-02",0.02896,{"date":199,"score":77,"percentile":200},"2025-12-03",0.02898,{"date":202,"score":77,"percentile":203},"2025-12-04",0.02825,{"date":205,"score":77,"percentile":206},"2025-12-05",0.02846,{"date":208,"score":77,"percentile":209},"2025-12-06",0.02869,{"date":211,"score":77,"percentile":212},"2025-12-07",0.02873,{"date":214,"score":77,"percentile":215},"2025-12-08",0.0287,{"date":217,"score":77,"percentile":218},"2025-12-09",0.02888,{"date":220,"score":77,"percentile":221},"2025-12-10",0.02917,{"date":223,"score":77,"percentile":224},"2025-12-11",0.02916,{"date":226,"score":77,"percentile":227},"2025-12-12",0.02927,{"date":229,"score":77,"percentile":230},"2025-12-13",0.02899,{"date":232,"score":77,"percentile":194},"2025-12-14",{"date":234,"score":77,"percentile":235},"2025-12-15",0.02893,{"date":237,"score":77,"percentile":238},"2025-12-16",0.02887,{"date":240,"score":77,"percentile":194},"2025-12-17",{"date":242,"score":77,"percentile":243},"2025-12-18",0.02907,{"date":245,"score":77,"percentile":246},"2025-12-19",0.02908,{"date":248,"score":77,"percentile":243},"2025-12-20",{"date":250,"score":77,"percentile":251},"2025-12-21",0.02919,{"date":253,"score":77,"percentile":224},"2025-12-22",{"date":255,"score":77,"percentile":256},"2025-12-23",0.02921,{"date":258,"score":77,"percentile":259},"2025-12-24",0.02923,{"date":261,"score":77,"percentile":262},"2025-12-25",0.02929,{"date":264,"score":77,"percentile":265},"2025-12-26",0.02932,{"date":267,"score":77,"percentile":268},"2025-12-27",0.02913,{"date":270,"score":77,"percentile":271},"2025-12-28",0.02925,{"date":273,"score":77,"percentile":274},"2025-12-29",0.02914,{"date":276,"score":77,"percentile":277},"2025-12-30",0.02911,{"date":279,"score":77,"percentile":280},"2025-12-31",0.02902,{"date":282,"score":77,"percentile":283},"2026-01-01",0.02976,{"date":285,"score":77,"percentile":286},"2026-01-02",0.02972,{"date":288,"score":77,"percentile":289},"2026-01-03",0.0297,{"date":291,"score":77,"percentile":238},"2026-01-04",{"date":293,"score":77,"percentile":218},"2026-01-05",{"date":295,"score":77,"percentile":296},"2026-01-06",0.02885,{"date":298,"score":77,"percentile":299},"2026-01-07",0.02906,{"date":301,"score":77,"percentile":302},"2026-01-08",0.02931,{"date":304,"score":77,"percentile":305},"2026-01-09",0.02944,{"date":307,"score":77,"percentile":308},"2026-01-10",0.02952,{"date":310,"score":77,"percentile":311},"2026-01-11",0.02936,{"date":313,"score":77,"percentile":197},"2026-01-12",{"date":315,"score":77,"percentile":238},"2026-01-13",{"date":317,"score":77,"percentile":235},"2026-01-14",{"date":319,"score":77,"percentile":320},"2026-01-15",0.0288,{"date":322,"score":77,"percentile":323},"2026-01-16",0.02877,{"date":325,"score":77,"percentile":326},"2026-01-17",0.02879,{"date":328,"score":77,"percentile":329},"2026-01-18",0.02882,{"date":331,"score":77,"percentile":332},"2026-01-19",0.02871,{"date":334,"score":77,"percentile":335},"2026-01-20",0.02859,{"date":337,"score":77,"percentile":338},"2026-01-21",0.02845,{"date":340,"score":77,"percentile":338},"2026-01-22",{"date":342,"score":77,"percentile":343},"2026-01-23",0.02853,{"date":345,"score":77,"percentile":346},"2026-01-24",0.02874,{"date":348,"score":77,"percentile":349},"2026-01-25",0.02872,{"date":351,"score":77,"percentile":352},"2026-01-26",0.02866,{"date":354,"score":77,"percentile":355},"2026-01-27",0.02867,{"date":357,"score":77,"percentile":215},"2026-01-28",{"date":359,"score":77,"percentile":360},"2026-01-29",0.02894,{"date":362,"score":77,"percentile":200},"2026-01-30",{"date":364,"score":77,"percentile":365},"2026-01-31",0.0292,{"date":367,"score":77,"percentile":368},"2026-02-01",0.02984,[370,375,377],{"source":81,"cvss_v2_0":9,"cvss_v3_0":371,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":79,"baseSeverity":372,"vectorString":82,"impactScore":373,"exploitabilityScore":374},"MEDIUM",6,6.4,{"source":87,"cvss_v2_0":9,"cvss_v3_0":376,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":79,"baseSeverity":372,"vectorString":82,"impactScore":373,"exploitabilityScore":374},{"source":88,"cvss_v2_0":9,"cvss_v3_0":378,"cvss_v3_1":9,"cvss_v4_0":379},{"baseScore":79,"baseSeverity":9,"vectorString":82,"impactScore":373,"exploitabilityScore":374},{"baseScore":380,"baseSeverity":9,"vectorString":381,"impactScore":9,"exploitabilityScore":9},6.9,"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",[383,395],{"ecosystem":9,"name":384,"vendor":385,"product":384,"cpe_part":386,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":387},"jaraco/zipp","jaraco","a",[388],{"version":389,"is_range":390,"range_type":81,"version_start":391,"version_start_type":392,"version_end":393,"version_end_type":394,"fixed_in":9},">= unspecified, \u003C 3.19.1",true,"unspecified","including","3.19.1","excluding",{"ecosystem":396,"name":397,"vendor":396,"product":397,"cpe_part":9,"purl_type":398,"purl_namespace":9,"purl_name":397,"source":9,"versions":399},"PyPI","zipp","pypi",[400],{"version":401,"is_range":390,"range_type":402,"version_start":9,"version_start_type":9,"version_end":393,"version_end_type":394,"fixed_in":9},"lt3_19_1","ecosystem"]