There is a MEDIUM severity vulnerability affecting CPython.

When using the "tarfile" module with a file opened in "streaming mode"
(mode="r|") the tarfile module did not properly handle EOF, meaning an
archive could be parsed in an infinite loop.

Please see the linked CVE ID for the latest information on affected
versions:

* https://www.cve.org/CVERecord?id=CVE-2026-11972
* https://github.com/python/cpython/pull/151982
_______________________________________________
Security-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3//lists/security-announce.python.org
Member address: [email protected]

Reply via email to