The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | py: ReDoS in py library when used with subversion | |
References |
| |
Metrics |
threat_severity
|
threat_severity
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-16T00:00:00
Updated: 2024-08-03T13:19:05.503Z
Reserved: 2022-10-16T00:00:00
Link: CVE-2022-42969
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-16T06:15:09.797
Modified: 2024-11-21T07:25:42.383
Link: CVE-2022-42969
Redhat