Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-8492
HistoryJan 30, 2020 - 12:00 a.m.

CVE-2020-8492

2020-01-3000:00:00
ubuntu.com
ubuntu.com
15

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.008 Low

EPSS

Percentile

81.7%

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7
through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct
Regular Expression Denial of Service (ReDoS) attacks against a client
because of urllib.request.AbstractBasicAuthHandler catastrophic
backtracking.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchpython3.4< 3.4.3-1ubuntu1~14.04.7+esm6) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu14.04noarchpython3.5< anyUNKNOWN
ubuntu16.04noarchpython3.5< 3.5.2-2ubuntu0~16.04.10UNKNOWN
ubuntu18.04noarchpython3.6< 3.6.9-1~18.04ubuntu1UNKNOWN
ubuntu18.04noarchpython3.7< 3.7.5-2ubuntu1~18.04.2UNKNOWN
ubuntu19.10noarchpython3.7< 3.7.5-2~19.10ubuntu1UNKNOWN
ubuntu18.04noarchpython3.8< 3.8.0-3ubuntu1~18.04.2UNKNOWN
ubuntu20.04noarchpython3.8< 3.8.2-1ubuntu1.1UNKNOWN
ubuntu20.10noarchpython3.8< 3.8.2-1ubuntu1.1UNKNOWN
ubuntu18.04noarchpython2.7< 2.7.17-1~18.04ubuntu1UNKNOWN
Rows per page:
1-10 of 131

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.008 Low

EPSS

Percentile

81.7%

Related for UB:CVE-2020-8492