Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-12084
PUBLISHED
More InfoOfficial Page
Assigner-PSF
Assigner Org ID-28c92f92-d60d-412d-b760-e73465c3df22
View Known Exploited Vulnerability (KEV) details
Published At-03 Dec, 2025 | 18:55
Updated At-26 Jan, 2026 | 14:18
Rejected At-
▼CVE Numbering Authority (CNA)
Quadratic complexity in node ID cache clearing

When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.

Affected Products
Vendor
Python Software FoundationPython Software Foundation
Product
CPython
Repo
https://github.com/python/cpython
Default Status
unaffected
Versions
Affected
  • From 0 before 3.13.11 (python)
  • From 3.14.0 before 3.14.2 (python)
  • From 3.15.0a1 before 3.15.0a3 (python)
Metrics
VersionBase scoreBase severityVector
4.06.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Version: 4.0
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
Jacob Walls
reporter
Shai Berger
reporter
Natalia Bidart
coordinator
Seth Larson
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/python/cpython/pull/142146
patch
https://github.com/python/cpython/issues/142145
issue-tracking
https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4
patch
https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0
patch
https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964
patch
https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437
patch
https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907
patch
https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d
patch
https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8
patch
https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af
patch
https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273
patch
https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53
patch
https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8
patch
https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0
patch
Hyperlink: https://github.com/python/cpython/pull/142146
Resource:
patch
Hyperlink: https://github.com/python/cpython/issues/142145
Resource:
issue-tracking
Hyperlink: https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8
Resource:
patch
Hyperlink: https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0
Resource:
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-407CWE-407 Inefficient Algorithmic Complexity
Type: CWE
CWE ID: CWE-407
Description: CWE-407 Inefficient Algorithmic Complexity
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found