CVE-2025-12084

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-12084

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12084.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-12084

Aliases

Downstream

BELL-CVE-2025-12084

DEBIAN-CVE-2025-12084

DLA-4445-1

DLA-4455-1

ECHO-e2c7-423a-beb2

MINI-57x9-p8jq-xcx4

MINI-6688-3m9r-jjgw

MINI-7635-9xr6-f493

MINI-8q2j-7gwq-mvv8

OESA-2026-1052

OESA-2026-1053

OESA-2026-1054

OESA-2026-1055

OESA-2026-1056

OESA-2026-1057

RHSA-2026:0123

RHSA-2026:1374

RHSA-2026:1408

RHSA-2026:1410

RHSA-2026:1478

RHSA-2026:1537

RHSA-2026:1558

RHSA-2026:1582

RHSA-2026:1583

RHSA-2026:1620

RHSA-2026:1631

RHSA-2026:1828

RHSA-2026:1892

RHSA-2026:1893

RHSA-2026:1922

RHSA-2026:2084

RLSA-2026:0123

RLSA-2026:1374

RLSA-2026:1408

RLSA-2026:1410

RLSA-2026:1478

RLSA-2026:1828

SUSE-SU-2025:4538-1

SUSE-SU-2025:4539-1

SUSE-SU-2026:0299-1

UBUNTU-CVE-2025-12084

USN-8018-1

Related

Published

2025-12-03T19:15:55.050Z

Modified

2026-02-09T05:19:07.748878Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on clearid_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.

References

Affected packages

Git / github.com/python/cpython

Affected ranges

Type: GIT
Repo: https://github.com/python/cpython
Events: Fixed

627894459a84be3488a1789919679c997056a03c

Introduced

ebf955df7a89ed0c7968f79faec1de49f61ed7cb

Fixed

df793163d5821791d4e7caf88885a2c11a107986

Affected versions

v3.*

v3.14.0

v3.14.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12084.json"