CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

Open

LOW (2.3)

System detected CVE-2025-6069 with a risk of 1
0.11.1
System detected CVE-2025-6069 with a risk of 1
chore/adds-additional-env-flags
System detected CVE-2025-6069 with a risk of 1
examples
System detected CVE-2025-6069 with a risk of 1
add-jobs-tags
System detected CVE-2025-6069 with a risk of 2
HEAD
System detected CVE-2025-6069 with a risk of 1
main
System updated the risk assessment from 1 to 2
0.8.2
System recalculated raw risk assessment
System
add/artifact-name-input
System
add/artifact-name-input
System
add/artifact-name-input
System
add/artifact-name-input
T
Tim Bastin fixed CVE-2025-6069
main
System updated the risk assessment from 1 to 2
main
System recalculated raw risk assessment
S
Sebastian Kawelke updated the risk assessment from 2 to 2.29
HEAD
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
0.12.0
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
add-jobs-tags
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
attest
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
0.9.0
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
examples
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
add-first-party-scan-to-gitlap-pipeline
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
add/artifact-name-input
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2 to 2.29
main
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
chore/adds-additional-env-flags
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2 to 2.29
0.8.2
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
revert-c7057e5e
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
feautre/sarif-sbom-upload-components
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
0.11.1
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 1 to 1.14
fix-attest.yaml
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
System updated the risk assessment from 1.14 to 2.29
add/artifact-name-input
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
0.11.1
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
0.9.0
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
revert-c7057e5e
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
chore/adds-additional-env-flags
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
add-first-party-scan-to-gitlap-pipeline
System recalculated raw risk assessment
System updated the risk assessment from 2.29 to 1.14
HEAD
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
add-jobs-tags
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
0.12.0
System recalculated raw risk assessment
System updated the risk assessment from 2.29 to 1.14
0.8.2
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
examples
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
attest
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
fix-attest.yaml
System recalculated raw risk assessment
System updated the risk assessment from 1.14 to 2.29
feautre/sarif-sbom-upload-components
System recalculated raw risk assessment
System fixed CVE-2025-6069
add/artifact-name-input
System fixed CVE-2025-6069
attest
System fixed CVE-2025-6069
0.11.1
System fixed CVE-2025-6069
examples
System fixed CVE-2025-6069
0.9.0
System fixed CVE-2025-6069
chore/adds-additional-env-flags
System fixed CVE-2025-6069
revert-c7057e5e
System fixed CVE-2025-6069
0.12.0
System fixed CVE-2025-6069
add-jobs-tags
System fixed CVE-2025-6069
fix-attest.yaml
System fixed CVE-2025-6069
feautre/sarif-sbom-upload-components
System fixed CVE-2025-6069
add-first-party-scan-to-gitlap-pipeline
System fixed CVE-2025-6069
0.8.2
System fixed CVE-2025-6069
HEAD
System fixed CVE-2025-6069
main
System detected CVE-2025-6069 with a risk of 1.14
add/artifact-name-input
System updated the risk assessment from 1.14 to 2.29
HEAD
System recalculated raw risk assessment

Add a comment

Last calculated at:

Affected component

debian/python3.11

Installed version:

3.11.2-6

Fixed in:

no patch available

Show in dependency graph

🛡️ DevGuard
Group
/🧩 DevGuard CI-Components
Repository

CVE-2025-6069

Add a comment

Affected component

Management decisions across the organization