{"id":"BIT-libpython-2025-6069","summary":"HTMLParser quadratic complexity when processing malformed inputs","details":"The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.","aliases":["BIT-python-2025-6069","BIT-python-min-2025-6069","CVE-2025-6069","PSF-2025-10"],"modified":"2026-04-21T18:41:38.202871259Z","published":"2025-08-11T15:33:31.541Z","database_specific":{"cpes":["cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"],"severity":"Medium"},"references":[{"type":"WEB","url":"https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"},{"type":"WEB","url":"https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"},{"type":"WEB","url":"https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49"},{"type":"WEB","url":"https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5"},{"type":"WEB","url":"https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"},{"type":"WEB","url":"https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc"},{"type":"WEB","url":"https://github.com/python/cpython/commit/fdc9d214c01cb4588f540cfa03726bbf2a33fc15"},{"type":"WEB","url":"https://github.com/python/cpython/issues/135462"},{"type":"WEB","url":"https://github.com/python/cpython/pull/135464"},{"type":"WEB","url":"https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6069"}],"affected":[{"package":{"name":"libpython","ecosystem":"Bitnami","purl":"pkg:bitnami/libpython"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"3.9.24"},{"introduced":"3.10.0"},{"fixed":"3.10.19"},{"introduced":"3.11.0"},{"fixed":"3.11.14"},{"introduced":"3.12.0"},{"fixed":"3.12.12"},{"introduced":"3.13.0"},{"fixed":"3.13.6"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/libpython/BIT-libpython-2025-6069.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}]}],"schema_version":"1.7.3"}