Lucene search
MitreCVELIST:CVE-2021-40839HistorySep 10, 2021 - 1:03 a.m.
CVE-2021-40839
2021-09-1001:03:33
mitre
www.cve.org
3
rencode package
remote attack
infinite loop
typecode decoding
python
cpu
memory
EPSS
0.004
Percentile
74.7%
The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory.
References
github.com/aresch/rencode/commit/572ff74586d9b1daab904c6f7f7009ce0143bb75
github.com/aresch/rencode/pull/29
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMVQRPDVSVZNGGX57CFKCYT3DEYO4QB6/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCLETLGVM5DBX6QNHQFW6TWGO5T3DENY/
pypi.org/project/rencode/#history
seclists.org/fulldisclosure/2021/Sep/16
security.netapp.com/advisory/ntap-20211008-0001/
Related
osv
osv
CVE-2021-40839
2021-09-10 02:15:07
PYSEC-2021-345
2021-09-10 02:15:00
Infinite Loop in rencode
2021-09-13 20:05:51
freebsd
freebsd
py39-rencode -- infinite loop that could lead to Denial of Service
2021-09-09 00:00:00
alpinelinux
alpinelinux
CVE-2021-40839
2021-09-10 02:15:07
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0167)
2022-05-19 00:00:00
Fedora: Security Advisory for python-rencode (FEDORA-2022-1033a2718b)
2022-02-15 00:00:00
Fedora: Security Advisory for python-rencode (FEDORA-2022-02340931ec)
2022-02-15 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: python-rencode-1.0.6-17.fc35
2022-02-15 01:38:42
[SECURITY] Fedora 34 Update: python-rencode-1.0.6-17.fc34
2022-02-15 01:17:50
cve
cve
CVE-2021-40839
2021-09-10 02:15:07
veracode
veracode
Denial Of Service (DoS)
2022-11-01 15:03:03
mageia
mageia
Updated python-rencode packages fix security vulnerability
2022-05-12 13:24:45
ubuntucve
ubuntucve
CVE-2021-40839
2021-09-10 00:00:00
debiancve
debiancve
CVE-2021-40839
2021-09-10 02:15:07
github
github
Infinite Loop in rencode
2021-09-13 20:05:51
prion
prion
Code injection
2021-09-10 02:15:00
nvd
nvd
CVE-2021-40839
2021-09-10 02:15:07