Skip to main content

Ubuntu EUVDEUVD-2025-18496

| CVE-2025-6069 MEDIUM
Inefficient Regular Expression Complexity (ReDoS) (CWE-1333)
2025-06-17 cna@python.org
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Ubuntu
MEDIUM
qualitative
SUSE
MEDIUM
qualitative
Red Hat
4.3 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 14, 2026 - 22:15 euvd
EUVD-2025-18496
Analysis Generated
Mar 14, 2026 - 22:15 vuln.today
CVE Published
Jun 17, 2025 - 14:15 nvd
MEDIUM 4.3

DescriptionCVE.org

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

AnalysisAI

CVE-2025-6069 is a security vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor.

RemediationAI

Monitor vendor channels for patch availability.

Vendor StatusVendor

Ubuntu

Priority: Medium
jython
Release Status Version
xenial needs-triage -
bionic needs-triage -
focal needs-triage -
jammy needs-triage -
noble needs-triage -
upstream needs-triage -
oracular ignored end of life, was needs-triage
questing needs-triage -
plucky ignored end of life, was needs-triage
python2.7
Release Status Version
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
bionic needed -
focal needed -
jammy needed -
trusty needed -
xenial needed -
questing DNE -
python3.11
Release Status Version
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
trusty DNE -
xenial DNE -
bionic DNE -
focal DNE -
jammy released 3.11.0~rc1-1~22.04.1~esm5
questing DNE -
python3.12
Release Status Version
jammy DNE -
plucky DNE -
upstream needs-triage -
oracular ignored end of life, was needed
trusty DNE -
xenial DNE -
bionic DNE -
focal DNE -
noble released 3.12.3-1ubuntu0.8
questing DNE -
python3.13
Release Status Version
jammy DNE -
noble DNE -
oracular ignored end of life, was needed
trusty DNE -
xenial DNE -
bionic DNE -
focal DNE -
plucky released 3.13.3-1ubuntu0.3
upstream released 3.13.6-1
questing released 3.13.6-1
python3.9
Release Status Version
jammy DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
trusty DNE -
xenial DNE -
bionic DNE -
focal released 3.9.5-3ubuntu0~20.04.1+esm6
questing DNE -
python3.4
Release Status Version
xenial DNE -
bionic DNE -
focal DNE -
jammy DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
trusty released 3.4.3-1ubuntu1~14.04.7+esm16
questing DNE -
python3.5
Release Status Version
bionic DNE -
focal DNE -
jammy DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
xenial released 3.5.2-2ubuntu0~16.04.13+esm19
trusty released 3.5.2-2ubuntu0~16.04.4~14.04.1+esm7
questing DNE -
python3.6
Release Status Version
trusty DNE -
xenial DNE -
focal DNE -
jammy DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
bionic released 3.6.9-1~18.04ubuntu1.13+esm6
questing DNE -
python3.7
Release Status Version
trusty DNE -
xenial DNE -
focal DNE -
jammy DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
bionic released 3.7.5-2ubuntu1~18.04.2+esm7
questing DNE -
python3.8
Release Status Version
trusty DNE -
xenial DNE -
jammy DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
bionic released 3.8.0-3ubuntu1~18.04.2+esm6
focal released 3.8.10-0ubuntu1~20.04.18+esm2
questing DNE -
python3.10
Release Status Version
trusty DNE -
xenial DNE -
bionic DNE -
focal DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
jammy released 3.10.12-1~22.04.11
questing DNE -
python3.14
Release Status Version
trusty DNE -
xenial DNE -
bionic DNE -
focal DNE -
jammy DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream released 3.14.0b3
questing not-affected 3.14.0~b3-1

Debian

Bug #1109376
jython
Release Status Fixed Version Urgency
bullseye fixed (unfixed) end-of-life
forky, sid, bookworm, trixie vulnerable 2.7.3+repack1-1 -
(unstable) fixed (unfixed) -
pypy3
Release Status Fixed Version Urgency
bullseye fixed 7.3.5+dfsg-2+deb11u5 -
bullseye (security) fixed 7.3.5+dfsg-2+deb11u5 -
bookworm vulnerable 7.3.11+dfsg-2+deb12u3 -
trixie vulnerable 7.3.19+dfsg-2 -
forky, sid vulnerable 7.3.20+dfsg-4 -
(unstable) fixed (unfixed) -
python2.7
Release Status Fixed Version Urgency
bullseye fixed (unfixed) end-of-life
(unstable) fixed (unfixed) -
python3.11
Release Status Fixed Version Urgency
bookworm vulnerable 3.11.2-6+deb12u6 -
bookworm (security) vulnerable 3.11.2-6+deb12u3 -
(unstable) fixed (unfixed) -
python3.13
Release Status Fixed Version Urgency
trixie vulnerable 3.13.5-2 -
forky, sid fixed 3.13.12-1 -
(unstable) fixed 3.13.6-1 -
python3.9
Release Status Fixed Version Urgency
bullseye fixed 3.9.2-1+deb11u4 -
bullseye (security) fixed 3.9.2-1+deb11u5 -
(unstable) fixed (unfixed) -
python3.12
Release Status Fixed Version Urgency
(unstable) fixed (unfixed) -

SUSE

Severity: Medium
Product Status
Container bci/spack:0.23.1-11.42 Container suse/manager/5.0/x86_64/server-migration-14-16:5.0.5.1.7.26.2 Container suse/mariadb:10.11.11-70.15 Container suse/multi-linux-manager/5.1/x86_64/server-migration-14-16:5.1.1.8.7.1 Container suse/sle-micro-rancher/5.2:latest Container suse/sle-micro/5.1/toolbox:14.2-3.13.160 Container suse/sle-micro/5.2/toolbox:14.2-7.11.162 Container suse/sle-micro/5.3/toolbox:14.2-6.11.170 Container suse/sle-micro/5.4/toolbox:14.2-5.19.170 Container suse/sle-micro/5.5/toolbox:14.2-3.12.76 Image SLES15-SP6-CHOST-BYOS-GCE Image SLES15-SP7-CHOST-BYOS-GCE Image server-database-migration-image Image server-migration-14-16-image Affected
Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.14 Container suse/manager/4.3/proxy-salt-broker:4.3.16.9.57.14 Container suse/manager/4.3/proxy-ssh:4.3.16.9.57.11 Container suse/manager/4.3/proxy-tftpd:4.3.16.9.57.13 Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.1.7.26.2 Container suse/manager/5.0/x86_64/proxy-salt-broker:5.0.5.1.7.28.2 Container suse/manager/5.0/x86_64/proxy-ssh:5.0.5.1.7.26.1 Container suse/manager/5.0/x86_64/proxy-tftpd:5.0.5.1.7.26.1 Container suse/multi-linux-manager/5.1/x86_64/proxy-httpd:5.1.1.8.9.2 Container suse/multi-linux-manager/5.1/x86_64/proxy-squid:5.1.2.8.13.1 Container suse/multi-linux-manager/5.1/x86_64/proxy-ssh:5.1.1.8.7.1 Container suse/multi-linux-manager/5.1/x86_64/proxy-tftpd:5.1.1.8.7.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-2-BYOS-GCE Image SLES15-SP4-CHOST-BYOS Image SLES15-SP4-CHOST-BYOS-Aliyun Image SLES15-SP4-CHOST-BYOS-Azure Image SLES15-SP4-CHOST-BYOS-EC2 Image SLES15-SP4-CHOST-BYOS-GCE Image SLES15-SP4-CHOST-BYOS-SAP-CCloud Image SLES15-SP4-Micro-5-3 Image SLES15-SP4-Micro-5-3-BYOS Image SLES15-SP4-Micro-5-3-BYOS-Azure Image SLES15-SP4-Micro-5-3-BYOS-EC2 Image SLES15-SP4-Micro-5-3-BYOS-GCE Image SLES15-SP4-Micro-5-3-EC2 Image SLES15-SP4-Micro-5-4 Image SLES15-SP4-Micro-5-4-BYOS Image SLES15-SP4-Micro-5-4-BYOS-Azure Image SLES15-SP4-Micro-5-4-BYOS-EC2 Image SLES15-SP4-Micro-5-4-BYOS-GCE Image SLES15-SP4-Micro-5-4-EC2 Image SLES15-SP4-Micro-5-4-GCE Image SLES15-SP5-CHOST-BYOS-Aliyun Image SLES15-SP5-CHOST-BYOS-Azure Image SLES15-SP5-CHOST-BYOS-EC2 Image SLES15-SP5-CHOST-BYOS-GCE Image SLES15-SP5-CHOST-BYOS-GDC Image SLES15-SP5-CHOST-BYOS-SAP-CCloud Image SLES15-SP5-Manager-Proxy-5-0-BYOS Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE Image SLES15-SP5-Manager-Server-5-0-BYOS Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2 Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE Image SLES15-SP5-Micro-5-5 Image SLES15-SP5-Micro-5-5-Azure Image SLES15-SP5-Micro-5-5-BYOS Image SLES15-SP5-Micro-5-5-BYOS-Azure Image SLES15-SP5-Micro-5-5-BYOS-EC2 Image SLES15-SP5-Micro-5-5-BYOS-GCE Image SLES15-SP5-Micro-5-5-EC2 Image SLES15-SP5-Micro-5-5-GCE Image SLES15-SP6-CHOST-BYOS Image SLES15-SP6-CHOST-BYOS-Aliyun Image SLES15-SP6-CHOST-BYOS-Azure Image SLES15-SP6-CHOST-BYOS-EC2 Image SLES15-SP6-CHOST-BYOS-GDC Image SLES15-SP6-CHOST-BYOS-SAP-CCloud Image SLES15-SP7-CHOST-BYOS-Aliyun Image SLES15-SP7-CHOST-BYOS-Azure Image SLES15-SP7-CHOST-BYOS-EC2 Image SLES15-SP7-CHOST-BYOS-GDC Image SLES15-SP7-CHOST-BYOS-SAP-CCloud Image proxy-httpd-image Image proxy-squid-image Image proxy-ssh-image Image proxy-tftpd-image Affected
Container suse/manager/5.0/x86_64/server:5.0.5.1.7.33.2 Image SLES15-SP4-BYOS-GCE Image SLES15-SP4-HPC-BYOS-GCE Image SLES15-SP4-HPC-GCE Image SLES15-SP4-Hardened-BYOS-GCE Image SLES15-SP4-Manager-Proxy-4-3-BYOS Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE Image SLES15-SP4-Manager-Server-4-3-BYOS Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE Image SLES15-SP4-SAP-Azure-LI-BYOS Image SLES15-SP4-SAP-Azure-LI-BYOS-Production Image SLES15-SP4-SAP-Azure-VLI-BYOS Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production Image SLES15-SP4-SAP-BYOS-GCE Image SLES15-SP4-SAP-GCE Image SLES15-SP4-SAP-Hardened Image SLES15-SP4-SAP-Hardened-BYOS-GCE Image SLES15-SP4-SAP-Hardened-GCE Image SLES15-SP4-SAPCAL-GCE Image SLES15-SP5-BYOS-GCE Image SLES15-SP5-GCE Image SLES15-SP5-HPC-BYOS-GCE Image SLES15-SP5-Hardened-BYOS-GCE Image SLES15-SP5-SAP-Azure-LI-BYOS Image SLES15-SP5-SAP-Azure-LI-BYOS-Production Image SLES15-SP5-SAP-Azure-VLI-BYOS Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production Image SLES15-SP5-SAP-BYOS-GCE Image SLES15-SP5-SAP-Hardened-BYOS-GCE Image SLES15-SP5-SAP-Hardened-GCE Image SLES15-SP5-SAPCAL-GCE Image SLES15-SP6-BYOS-GCE Image SLES15-SP6-GCE Image SLES15-SP6-HPC-BYOS-GCE Image SLES15-SP6-HPC-GCE Image SLES15-SP6-Hardened-BYOS-GCE Image SLES15-SP6-SAP Image SLES15-SP6-SAP-Azure-LI-BYOS Image SLES15-SP6-SAP-Azure-LI-BYOS-Production Image SLES15-SP6-SAP-Azure-VLI-BYOS Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production Image SLES15-SP6-SAP-BYOS-GCE Image SLES15-SP6-SAP-GCE Image SLES15-SP6-SAP-Hardened Image SLES15-SP6-SAP-Hardened-BYOS-GCE Image SLES15-SP6-SAP-Hardened-GCE Image SLES15-SP6-SAPCAL Image SLES15-SP6-SAPCAL-GCE Image SLES15-SP7-GCE Image SLES15-SP7-GCE-3P Image SLES15-SP7-SAP-Azure-LI-BYOS-Production Image SLES15-SP7-SAP-Azure-VLI-BYOS-Production Image SLES15-SP7-SAP-GCE Image SLES15-SP7-SAP-GCE-3P Image SLES15-SP7-SAP-Hardened-GCE Image SLES15-SP7-SAPCAL-GCE Affected
Container suse/multi-linux-manager/5.1/x86_64/proxy-salt-broker:5.1.2.9.13.2 Image SLES15-SP6-EC2-ECS-HVM Image SLES15-SP7-EC2-ECS-HVM Image proxy-salt-broker-image Affected
Container suse/multi-linux-manager/5.1/x86_64/server-saline:5.1.2.9.13.1 Image server-saline-image Affected

Share

EUVD-2025-18496 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy