Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43 matches found

CVE
CVEadded 2020/01/30 12:0 a.m.2323 views

CVE-2020-8492

CVE-2020-8492 describes a Regular Expression Denial of Service (ReDoS) in Python’s urllib.request.AbstractBasicAuthHandler that can be triggered by a malicious HTTP server. The vulnerability affects Python 2.7 (up to 2.7.17) and multiple 3.x releases (up to 3.8.1 per the CVE summary). Connected a...

7.1CVSS7AI score0.06617EPSS
Exploits1References16Affected Software1
Cvelist
Cvelistadded 2020/01/30 12:0 a.m.27 views

CVE-2020-8492

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking...

7.1AI score0.06617EPSS
Exploits1References16
FreeBSD
FreeBSDadded 2019/11/17 12:0 a.m.47 views

Python -- Regular Expression DoS attack against client

Ben Caller and Matt Schwager reports: Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler...

7.1CVSS7.4AI score0.06617EPSS
Exploits1References2
Rows per page
Query Builder