3 matches found
CLSA-2024-1728404213 python2: Fix of CVE-2024-7592
CVE-2024-7592: fix quadratic complexity in parsing cookies with backslashes...
CLSA-2024-1728403484 python2: Fix of CVE-2024-7592
CVE-2024-7592: fix quadratic complexity in parsing cookies with backslashes...
AZL-47865 CVE-2024-7592 affecting package python3 for versions less than 3.12.3-2
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resourc...