The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability.

...

Security Bulletin: Vulnerability in pytest-dev py affects IBM watsonx.data

Summary pytest-dev py is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw by the InfoSvnCommand argument. By sending a specially-crafted regex info data, a remote attacker could exploit this vulnerability to cause a denial of service condition. This c...

FreeBSD : py39-py -- Regular expression Denial of Service vulnerability (28a37df6-ba1a-4eed-bb64-623fc8e8dfd0)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 28a37df6-ba1a-4eed-bb64-623fc8e8dfd0 advisory. - The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expressio...

SUSE SLES12 Security Update : python-py (SUSE-SU-2023:0395-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0395-1 advisory. - The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expression Denial of Service attack via a...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-py (SUSE-SU-2023:0161-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0161-1 advisory. - The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expression...

PYSEC-2022-42969

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expression Denial of Service attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled...

py39-py -- Regular expression Denial of Service vulnerability

SCH227 reports: The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expression Denial of Service attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled...

Withdrawn Advisory: ReDoS in py library when used with subversion

Withdrawn Advisory This advisory has been withdrawn because evidence does not suggest that CVE-2022-42969 is a valid, reproducible vulnerability. This link is maintained to preserve external references. Original Description The py library through 1.11.0 for Python allows remote attackers to condu...

CVE-2022-42969

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expression Denial of Service attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not bein...

Code injection

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expression Denial of Service attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled...

CVE-2022-42969

CVE-2022-42969 affects the Python package py (through 1.11.0). The vulnerability allows a remote ReDoS via a crafted InfoSvnCommand argument in a Subversion repository, caused by mishandling of the info data, per connected IBM security bulletin. The description notes that this issue has been disp...

Pytest 安全漏洞

Pytest is a Python language-based testing framework from the Pytest team. A security vulnerability exists in Pytest versions prior to 1.11.0 that stems from the mishandling of its InfoSvnCommand parameter allowing remote attackers to conduct regular expression denial-of-service attacks via...