CVE-2019-9674

• SUSE-SU-2020:0467-1
• SUSE-SU-2020:0510-1
• SUSE-SU-2020:0557-1
• SUSE-SU-2020:0854-1
• SUSE-SU-2020:1339-1
• SUSE-SU-2020:1524-1
• openSUSE-SU-2020:0274-1
• openSUSE-SU-2020:0696-1
• openSUSE-SU-2024:11202-1
• openSUSE-SU-2024:11284-1

• 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "12.04"
                },
                {
                    "last_affected": "14.04"
                },
                {
                    "last_affected": "16.04"
                },
                {
                    "last_affected": "18.04"
                },
                {
                    "last_affected": "20.04"
                }
            ],
            "source": "CPE_FIELD",
            "vendor_product": "canonical:ubuntu_linux"
        }
    ]
}

• http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html
• http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html
• https://github.com/python/cpython/blob/master/Lib/zipfile.py
• https://python-security.readthedocs.io/security.html#archives-and-zip-bomb
• https://security.netapp.com/advisory/ntap-20200221-0003/
• https://usn.ubuntu.com/4428-1/
• https://www.python.org/news/security/
• https://bugs.python.org/issue36260
• https://bugs.python.org/issue36462