CVE-2025-0938

The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers.

Open

LOW (0.8)

T
Tim Bastin detected CVE-2025-0938
main
T
Tim Bastin detected CVE-2025-0938
0.8.2
T
Tim Bastin detected CVE-2025-0938
HEAD
T
Tim Bastin detected CVE-2025-0938
0.9.0
System
main
System fixed CVE-2025-0938
main
System
0.9.0
System detected CVE-2025-0938
main
System
0.9.0
System
main
System fixed CVE-2025-0938
main
System
0.9.0
System detected CVE-2025-0938
main
T
Tim Bastin detected CVE-2025-0938
add-first-party-scan-to-gitlap-pipeline
T
Tim Bastin detected CVE-2025-0938
add-jobs-tags
T
Tim Bastin detected CVE-2025-0938
0.11.1
T
Tim Bastin detected CVE-2025-0938
feautre/sarif-sbom-upload-components
System
chore/adds-additional-env-flags
T
Tim Bastin
attest
T
Tim Bastin fixed CVE-2025-0938
main
System detected CVE-2025-0938
add/artifact-name-input
System
add/artifact-name-input
System
add/artifact-name-input
System updated the risk assessment from 0 to 0.42
0.11.1
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.85
0.8.2
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
revert-c7057e5e
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
0.12.0
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
0.9.0
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
chore/adds-additional-env-flags
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
add-first-party-scan-to-gitlap-pipeline
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.85
HEAD
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
add-jobs-tags
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
examples
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
attest
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
fix-attest.yaml
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.85
main
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
feautre/sarif-sbom-upload-components
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.42
add/artifact-name-input
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
add/artifact-name-input
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
0.11.1
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
0.9.0
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
revert-c7057e5e
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
chore/adds-additional-env-flags
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
add-first-party-scan-to-gitlap-pipeline
System recalculated raw risk assessment
System updated the risk assessment from 0.85 to 0.42
HEAD
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
add-jobs-tags
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
0.12.0
System recalculated raw risk assessment
System updated the risk assessment from 0.85 to 0.42
0.8.2
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
examples
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
attest
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
fix-attest.yaml
System recalculated raw risk assessment
System updated the risk assessment from 0.42 to 0.85
feautre/sarif-sbom-upload-components
System recalculated raw risk assessment
System fixed CVE-2025-0938
add/artifact-name-input
System fixed CVE-2025-0938
attest
System fixed CVE-2025-0938
0.11.1
System fixed CVE-2025-0938
examples
System fixed CVE-2025-0938
0.9.0
System fixed CVE-2025-0938
chore/adds-additional-env-flags
System fixed CVE-2025-0938
revert-c7057e5e
System fixed CVE-2025-0938
0.12.0
System fixed CVE-2025-0938
add-jobs-tags
System fixed CVE-2025-0938
fix-attest.yaml
System fixed CVE-2025-0938
feautre/sarif-sbom-upload-components
System fixed CVE-2025-0938
add-first-party-scan-to-gitlap-pipeline
System fixed CVE-2025-0938
0.8.2
System fixed CVE-2025-0938
HEAD
System fixed CVE-2025-0938
main
System detected CVE-2025-0938 with a risk of 0.42
add/artifact-name-input
System updated the risk assessment from 0.42 to 0.85
HEAD
System recalculated raw risk assessment

Add a comment

Last calculated at:

Affected component

debian/python3.11

Installed version:

3.11.2-6

Fixed in:

no patch available

Show in dependency graph

🛡️ DevGuard
Group
/🧩 DevGuard CI-Components
Repository

CVE-2025-0938

Add a comment

Affected component

Management decisions across the organization