Bug Description:
A series of simple quadratic complexity vulnerabilities has been identified. After confirmation by CPython's security team, since these DOS vulnerabilities pose a low threat and are relatively tedious to exploit, we can directly initiate requests in issues to seek assistance from the community for fixes.

Vulnerability Locations (All Fixed):

1. cpython/Lib/posixpath.py

   Line 290 inf49a07b

   defexpandvars(path):

2. cpython/Lib/ntpath.py

   Line 403 incb8a72b

   defexpandvars(path):

   
   Repair Status:

• Vulnerabilities have been fixed ingh-136065: Fix quadratic complexity in os.path.expandvars() #134952 by@serhiy-storchaka and@Wulian233.

Common Information:

• CPython Version: main branch
• Operating System: Linux
• Credits: Finder is kexinoh (Xiangfan Wu) from QI-ANXIN Technology Research Institute.

Linked PRs

• gh-136065: Fix quadratic complexity in os.path.expandvars() #134952
• [3.9] gh-136065: Fix quadratic complexity in os.path.expandvars() (GH-134952) #140839
• [3.14] gh-136065: Fix quadratic complexity in os.path.expandvars() (GH-134952) #140844
• [3.13] gh-136065: Fix quadratic complexity in os.path.expandvars() (GH-134952) #140845
• [3.12] gh-136065: Fix quadratic complexity in os.path.expandvars() (GH-134952) #140847
• [3.11] gh-136065: Fix quadratic complexity in os.path.expandvars() (GH-134952) #140848
• [3.10] gh-136065: Fix quadratic complexity in os.path.expandvars() (GH-134952) #140851