CVE-2022-42969

CVE-2022-42969 affects the Python package py (through 1.11.0). The vulnerability allows a remote ReDoS via a crafted InfoSvnCommand argument in a Subversion repository, caused by mishandling of the info data, per connected IBM security bulletin. The description notes that this issue has been disp...

CVE-2020-29651

CVE-2020-29651 affects the Python-py (py) package, specifically the py.path.svnwc component, where a denial-of-service can be triggered by crafted input to blame due to a regular-expression vulnerability. The IBM/X-Force entry lists a high/severe risk (base 7.5) and notes the issue stems from a c...