The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability.
History

Tue, 17 Sep 2024 18:45:00 +0000

Type Values Removed Values Added
Title py: ReDoS in py library when used with subversion
References
Metrics threat_severity

None

threat_severity

Low


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-16T00:00:00

Updated: 2024-08-03T13:19:05.503Z

Reserved: 2022-10-16T00:00:00

Link: CVE-2022-42969

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-10-16T06:15:09.797

Modified: 2024-11-21T07:25:42.383

Link: CVE-2022-42969

cve-icon Redhat

Severity : Low

Publid Date: 2022-10-16T00:00:00Z

Links: CVE-2022-42969 - Bugzilla