Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-8492

Опубликовано: 30 янв. 2020
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.1
CVSS3: 6.5

Описание

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

РелизСтатусПримечание
bionic

released

2.7.17-1~18.04ubuntu1
devel

DNE

eoan

ignored

end of life
esm-apps/focal

released

2.7.18-1~20.04.1
esm-apps/jammy

not-affected

2.7.18-13ubuntu1
esm-infra-legacy/trusty

not-affected

2.7.6-8ubuntu0.6+esm5
esm-infra/bionic

not-affected

2.7.17-1~18.04ubuntu1
esm-infra/xenial

not-affected

2.7.12-1ubuntu0~16.04.11
focal

released

2.7.18-1~20.04.1
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

eoan

DNE

esm-infra-legacy/trusty

not-affected

3.4.3-1ubuntu1~14.04.7+esm6
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

eoan

DNE

esm-infra-legacy/trusty

not-affected

3.5.2-2ubuntu0~16.04.4~14.04.1+esm1
esm-infra/focal

DNE

esm-infra/xenial

not-affected

3.5.2-2ubuntu0~16.04.10
focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

released

3.6.9-1~18.04ubuntu1
devel

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

3.6.9-1~18.04ubuntu1
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

released

3.7.5-2ubuntu1~18.04.2
devel

DNE

eoan

released

3.7.5-2~19.10ubuntu1
esm-apps/bionic

released

3.7.5-2ubuntu1~18.04.2
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

released

3.8.0-3ubuntu1~18.04.2
devel

DNE

eoan

ignored

end of life
esm-apps/bionic

released

3.8.0-3ubuntu1~18.04.2
esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

3.8.2-1ubuntu1.1
focal

released

3.8.2-1ubuntu1.1
groovy

released

3.8.2-1ubuntu1.1
hirsute

DNE

impish

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%
0.04231
Низкий

7.1 High

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-8492

CVSS3: 6.5
redhat
больше 5 лет назад

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

nvd логотип

CVE-2020-8492

CVSS3: 6.5
nvd
больше 5 лет назад

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

debian логотип

CVE-2020-8492

CVSS3: 6.5
debian
больше 5 лет назад

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 ...

suse-cvrf логотип

SUSE-SU-2020:14306-1

suse-cvrf
больше 5 лет назад

Security update for python

github логотип

GHSA-wh3w-rqc7-4mpf

CVSS3: 6.5
github
около 3 лет назад

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

EPSS

Процентиль: 88%
0.04231
Низкий

7.1 High

CVSS2

6.5 Medium

CVSS3

Уязвимость CVE-2020-8492