Fabre

#1109376 jython: CVE-2025-6069 #1109376

Package:: jython

Source:: jython

Submitter:: Moritz Mühlenhoff

Date:: 2025-07-16 15:41:07 UTC

Severity:: normal

Tags:

#1109376#5

Date:: 2025-07-16 09:09:58 UTC

From:

To:

Hi,

The following vulnerability was published for jython.

CVE-2025-6069[0]:
| The html.parser.HTMLParser class had worse-case quadratic complexity
| when processing certain crafted malformed inputs potentially leading
| to amplified denial-of-service.

https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-6069
https://www.cve.org/CVERecord?id=CVE-2025-6069

Please adjust the affected versions in the BTS as needed.

#1109376 jython: CVE-2025-6069 #1109376

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)