CVE-2020-8492

Published: 2020-01-30T19:15Z

Last Modified: 2024-11-21T05:38Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt