CVE-2020-29651

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-29651

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-29651.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-29651

Aliases

Downstream

DEBIAN-CVE-2020-29651

DLA-3966-1

OESA-2022-1562

SUSE-FU-2022:0444-1

SUSE-FU-2022:0445-1

SUSE-SU-2021:1859-1

SUSE-SU-2021:1962-1

SUSE-SU-2021:1963-1

SUSE-SU-2021:2236-1

SUSE-SU-2021:2554-1

SUSE-SU-2022:2831-1

UBUNTU-CVE-2020-29651

USN-5138-1

openSUSE-SU-2021:0851-1

openSUSE-SU-2021:1859-1

openSUSE-SU-2024:11108-1

openSUSE-SU-2024:11252-1

openSUSE-SU-2024:14153-1

Related

Published

2020-12-09T07:15:12Z

Modified

2025-09-24T10:28:37.245388Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.

References

Affected packages

Git / github.com/pytest-dev/py

Affected ranges

Type: GIT
Repo: https://github.com/pytest-dev/py
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

b344f5b51fd3ec260d180d93e43b4796f1da57b9

Affected versions

1.*

1.0.0

1.0.0b3

1.0.0b6

1.0.0b8

1.0.0b9

1.0.1

1.0.2

1.1.0

1.1.1

1.2.0

1.2.1

1.3.0

1.3.1

1.3.2

1.3.3

1.3.4

1.4.0

1.4.1

1.4.10

1.4.11

1.4.12

1.4.13

1.4.14

1.4.15

1.4.16

1.4.17

1.4.18

1.4.19

1.4.2

1.4.20

1.4.21

1.4.23

1.4.24

1.4.25

1.4.26

1.4.27

1.4.28

1.4.29

1.4.3

1.4.30

1.4.31

1.4.32

1.4.33

1.4.34

1.4.4

1.4.6

1.4.7

1.4.9

1.5.0

1.5.1

1.5.2

1.5.3

1.5.4

1.6.0

1.7.0

1.8.0

1.8.1

1.8.2

1.9.0