CVE-2013-7338

Name of the Vulnerable Software and Affected Versions Python versions prior to 3.3.4 RC1

Description The issue allows remote attackers to cause a denial of service, resulting in an infinite loop and CPU consumption. This can be achieved by providing a file size value larger than the size of the zip file to certain functions, including ZipExtFile.read, ZipExtFile.read(n), ZipExtFile.readlines, ZipFile.extract, or ZipFile.extractall.

Recommendations For versions prior to 3.3.4 RC1, update to version 3.3.4 RC1 or later to resolve the issue.