Description

When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.

INFO

Published Date :

2025-12-03T18:55:32.222Z

Last Modified :

2026-03-03T14:41:38.821Z

Source :

PSF
AFFECTED PRODUCTS

The following products are affected by CVE-2025-12084 vulnerability.

Vendors Products
Python
  • Cpython
  • Python
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-12084.

URL Resource
https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0 cve-icon cve-icon
https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4 cve-icon cve-icon
https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437 cve-icon cve-icon
https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af cve-icon cve-icon
https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273 cve-icon cve-icon
https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907 cve-icon cve-icon
https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d cve-icon cve-icon
https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8 cve-icon cve-icon
https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8 cve-icon cve-icon
https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0 cve-icon cve-icon
https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964 cve-icon cve-icon
https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53 cve-icon cve-icon
https://github.com/python/cpython/issues/142145 cve-icon cve-icon cve-icon
https://github.com/python/cpython/pull/142146 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-12084 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-12084 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact