AZL-71450

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71450.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-71450

Upstream

CVE-2025-12084

Published

2025-12-03T19:15:55Z

Modified

2026-04-01T05:22:03.224822Z

Summary

CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7

Details

When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on clearid_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-12084

Affected packages

Azure Linux:3 / python3

Package

Name: python3
Purl: pkg:rpm/azure-linux/python3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.12.9-7

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71450.json"