Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Fedora 41: Critical Advisory for python-deepdiff Class Pollution Issue

fedora
Calendar Grey September 26, 2025
Dist Fedora Esm H88
A critical vulnerability in the python-deepdiff package in Fedora 41 has been identified, related to class pollution that can lead to code execution risk
Update to 8.6.1

Summary

Deep Difference of dictionaries, iterables, strings, and ANY other object.

Includes additional modules with related functionality:

DeepSearch: Search for objects within other objects.

DeepHash: Hash any object based on their content.

Delta: Store the difference of objects and apply them to other objects.

Extract: Extract an item from a nested Python object using its path.

commandline: Use DeepDiff from commandline.

Update Information:

Update to 8.6.1

Topics%20covered

Topics Covered

security advisory fedora critical python deepdiff class pollution

Change Log

* Sun Sep 14 2025 Romain Geissler - 8.6.1-1 - Update to 8.6.1 (rhbz#2393085). * Fri Aug 15 2025 Python Maint - 8.5.0-7 - Rebuilt for Python 3.14.0rc2 bytecode * Fri Jul 25 2025 Fedora Release Engineering - 8.5.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Tue Jul 8 2025 Charalampos Stratakis - 8.5.0-5 - Remove click's upper version bound * Sun Jun 29 2025 Romain Geissler - 8.5.0-4 - Fix tests with python 3.14 (rhbz#2374300). * Wed Jun 18 2025 Python Maint - 8.5.0-3 - Bootstrap for Python 3.14.0b3 bytecode * Thu Jun 5 2025 Python Maint - 8.5.0-2 - Bootstrap for Python 3.14 * Sat May 10 2025 Romain Geissler - 8.5.0-1 - Update to 8.5.0 (rhbz#2365409). * Wed Apr 16 2025 Romain Geissler - 8.4.1-2 - Relax a bit the pyyaml version for EPEL 10 * Mon Mar 31 2025 Romain Geissler - 8.4.1-1 - Update to 8.4.1 (rhbz#2332738). * Sat Jan 18 2025 Fedora Release Engineering - 8.0.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild

References


[ 1 ] Bug #2393898 - CVE-2025-58367 python-deepdiff: DeepDiff class pollution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2393898

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ca5f759234' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: python-deepdiff
Product: Fedora 41
Version: 8.6.1
Release: 1.fc41
URL: https://github.com/qlustered/deepdiff
Summary: Deep Difference and search of any Python object/data

Topics%20covered

Topics Covered

security advisory fedora critical python deepdiff class pollution

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here