The :class:~urllib.request.AbstractBasicAuthHandler class
of the :mod:urllib.request module uses an inefficient
regular expression which can be exploited by an
attacker to cause a denial of service

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchtauthon< 2.8.3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	tauthon	< 2.8.3	UNKNOWN

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492

nessus 70

openvas 34

osv 9

debiancve 1

cve 1

amazon 5

fedora 4

veracode 1

freebsd 3

gentoo 1

alpinelinux 1

redhatcve 1

prion 1

ubuntucve 1

ibm 8

oraclelinux 3

ubuntu 4

suse 3

centos 1

redhat 15

cloudfoundry 1

cloudlinux 2

almalinux 2

rocky 1

photon 10

mageia 1

archlinux 1

debian 2

kitploit 1

rosalinux 1

ics 1

nessus

Photon OS 3.0: Python3 PHSA-2020-3.0-0078

2020-04-21 00:00:00

EulerOS 2.0 SP5 : python (EulerOS-SA-2020-1321)

2020-03-23 00:00:00

Photon OS 1.0: Python2 PHSA-2020-1.0-0288

2020-04-15 00:00:00

openvas

Huawei EulerOS: Security Advisory for python (EulerOS-SA-2020-1321)

2020-03-24 00:00:00

Fedora: Security Advisory for python3 (FEDORA-2020-98e0f0f11b)

2020-05-29 00:00:00

Fedora: Security Advisory for python38 (FEDORA-2020-6a88dad4a0)

2020-05-29 00:00:00

osv

CVE-2020-8492

2020-01-30 19:15:12

urllib basic auth regex denial of service

2020-01-30 00:00:00

BIT-python-2020-8492

2024-03-06 11:07:08

debiancve

CVE-2020-8492

2020-01-30 19:15:00

cve

CVE-2020-8492

2020-01-30 19:15:00

amazon

Medium: python, python3

2020-07-31 19:22:00

Medium: python26

2020-07-27 23:54:00

Medium: python27, python34, python35, python36

2020-07-27 23:54:00

fedora

[SECURITY] Fedora 31 Update: python38-3.8.3-1.fc31

2020-05-29 02:27:10

[SECURITY] Fedora 32 Update: python3-3.8.3-1.fc32

2020-05-26 03:14:58

[SECURITY] Fedora 32 Update: python36-3.6.11-1.fc32

2020-07-04 01:14:28

veracode

Denial Of Service (DoS)

2020-08-06 21:33:11

freebsd

Python -- Regular Expression DoS attack against client

2019-11-17 00:00:00

Python -- multiple vulnerabilities

2019-10-24 00:00:00

Python -- multiple vulnerabilities

2020-08-19 00:00:00

gentoo

Python: Denial of service

2020-05-14 00:00:00

alpinelinux

CVE-2020-8492

2020-01-30 19:15:00

redhatcve

CVE-2020-8492

2020-03-02 11:41:02

prion

Code injection

2020-01-30 19:15:00

ubuntucve

CVE-2020-8492

2020-01-30 00:00:00

ibm

Security Bulletin: Vulnerability in Open Source Python affect IBM Tivoli Application Dependency Discovery Manager (CVE-2020-8492)

2021-04-27 20:49:26

Security Bulletin: Streams service for IBM Cloud Pak for Data might be affected by some underlying Python vulnerabilities

2021-06-16 19:01:03

Security Bulletin: Security vulnerabilities in Python3 affect IBM Cloud Pak for Multicloud Management Hybrid GRC.

2021-02-04 21:29:35

oraclelinux

python3 security update

2020-10-06 00:00:00

python3 security and bug fix update

2020-11-10 00:00:00

python38:3.8 security, bug fix, and enhancement update

2020-11-10 00:00:00

ubuntu

Python vulnerabilities

2020-04-21 00:00:00

Python vulnerabilities

2020-04-30 00:00:00

Python vulnerabilities

2021-12-17 00:00:00

suse

Security update for python3 (moderate)

2020-03-01 00:00:00

Security update for python3 (important)

2020-12-26 00:00:00

Security update for python3 (important)

2020-12-26 00:00:00

centos

python3 security update

2020-10-20 18:48:39

redhat

(RHSA-2020:3888) Moderate: python3 security update

2020-09-29 07:40:56

(RHSA-2020:4433) Moderate: python3 security and bug fix update

2020-11-03 12:04:08

(RHSA-2020:4641) Moderate: python38:3.8 security, bug fix, and enhancement update

2020-11-03 12:23:02

cloudfoundry

USN-4333-1: Python vulnerabilities | Cloud Foundry

2020-05-14 00:00:00

cloudlinux

Fix of CVE: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619

2021-09-23 12:55:16

Fix of CVE: CVE-2020-26116, CVE-2020-8492, CVE-2018-20852, CVE-2020-27619

2021-10-05 14:07:59

almalinux

Moderate: python3 security and bug fix update

2020-11-03 12:04:08

Moderate: python38:3.8 security, bug fix, and enhancement update

2020-11-03 12:23:02

rocky

python38:3.8 security, bug fix, and enhancement update

2020-11-03 12:23:02

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0304

2020-06-26 00:00:00

Important Photon OS Security Update - PHSA-2020-0304

2020-06-27 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0288

2020-04-11 00:00:00

mageia

Updated python and python3 packages fix security vulnerabilities

2020-12-08 13:40:32

archlinux

[ASA-202103-27] python2: multiple issues

2021-03-25 00:00:00

debian

[SECURITY] [DLA 3432-1] python2.7 security update

2023-05-24 17:31:47

[SECURITY] [DLA 2280-1] python3.5 security update

2020-07-15 10:00:36

kitploit

Regexploit - Find Regular Expressions Which Are Vulnerable To ReDoS (Regular Expression Denial Of Service)

2021-07-20 12:30:00

rosalinux

Advisory ROSA-SA-2021-1957

2021-07-02 18:03:40

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for C7855866-C511-11EB-AE1D-B42E991FC52E