CVE-2020-29651

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-29651
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-29651.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-29651
Aliases
Related
Published
2020-12-09T07:15:12Z
Modified
2024-12-05T23:47:22.313359Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

A regular-expression denial of service in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service by supplying malicious input to the blame functionality.

References

Affected packages

Debian:11 / pypy3

Package

Name
pypy3
Purl
pkg:deb/debian/pypy3?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
7.3.5+dfsg-2+deb11u4

Affected versions

7.*

7.3.5+dfsg-2
7.3.5+dfsg-2+deb11u1
7.3.5+dfsg-2+deb11u2
7.3.5+dfsg-2+deb11u3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / python-py

Package

Name
python-py
Purl
pkg:deb/debian/python-py?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.10.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / python-py

Package

Name
python-py
Purl
pkg:deb/debian/python-py?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.10.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / python-py

Package

Name
python-py
Purl
pkg:deb/debian/python-py?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.10.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/pytest-dev/py

Affected ranges

Type
GIT
Repo
https://github.com/pytest-dev/py
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

1.*

1.0.0
1.0.0b3
1.0.0b6
1.0.0b8
1.0.0b9
1.0.1
1.0.2
1.1.0
1.1.1
1.2.0
1.2.1
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.4.0
1.4.1
1.4.10
1.4.11
1.4.12
1.4.13
1.4.14
1.4.15
1.4.16
1.4.17
1.4.18
1.4.19
1.4.2
1.4.20
1.4.21
1.4.23
1.4.24
1.4.25
1.4.26
1.4.27
1.4.28
1.4.29
1.4.3
1.4.30
1.4.31
1.4.32
1.4.33
1.4.34
1.4.4
1.4.6
1.4.7
1.4.9
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.6.0
1.7.0
1.8.0
1.8.1
1.8.2
1.9.0