PYSEC-2022-42969
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/py/PYSEC-2022-42969.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2022-42969
- Aliases
- Published
- 2022-11-04T11:00:00Z
- Modified
- 2023-11-08T04:10:40.935960Z
- Summary
- [none]
- Details
-
The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled.
- References
Affected packages
PyPI / py
Package
- Name
- py
- View open source insights on deps.dev
- Purl
- pkg:pypi/py
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected1.11.0
Affected versions
0.*
0.8.0-alpha2
0.9.0
0.9.1
0.9.2
1.*
1.0.0
1.0.1
1.0.2
1.1.0
1.1.1
1.2.0
1.2.1
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.4.6
1.4.7.dev3
1.4.7
1.4.8
1.4.9
1.4.10
1.4.11
1.4.12
1.4.13
1.4.14
1.4.15
1.4.16
1.4.17
1.4.18
1.4.19
1.4.20
1.4.21
1.4.22
1.4.23
1.4.24
1.4.25
1.4.26
1.4.27
1.4.28
1.4.29
1.4.30
1.4.31
1.4.32.dev1
1.4.32
1.4.33
1.4.34
1.5.1
1.5.2
1.5.3
1.5.4
1.6.0
1.7.0
1.8.0
1.8.1
1.8.2
1.9.0
1.10.0
1.11.0