Lucene search
F5F5:K78284681HistoryJun 01, 2021 - 12:00 a.m.
K78284681 : Python tarfile library vulnerability CVE-2019-20907
2021-06-0100:00:00
my.f5.com
20
Security Advisory Description
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. (CVE-2019-20907)
Impact
A user-created custom Python script utilizing the Python tarfile library may enter an infinite loop, consuming resources and causing a denial of service. The Python tarfile library is not used by any standard F5-supplied software.
Related
openvas
openvas
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2020-2095)
2020-09-29 00:00:00
Python <= 3.8.3 DoS Vulnerability - Windows
2020-07-16 00:00:00
Fedora: Security Advisory for python39 (FEDORA-2020-aab24d3714)
2020-07-31 00:00:00
redhatcve
redhatcve
CVE-2019-20907
2020-07-13 19:16:55
veracode
veracode
Denial Of Service (DoS)
2020-08-06 21:29:42
suse
suse
Security update for python3 (moderate)
2020-08-25 00:00:00
Security update for python (moderate)
2020-08-24 00:00:00
Security update for python3 (moderate)
2020-08-27 00:00:00
redhat
redhat
(RHSA-2021:0761) Moderate: python security update
2021-03-09 08:48:14
(RHSA-2021:0881) Moderate: python security update
2021-03-16 13:07:52
(RHSA-2020:5009) Moderate: python security update
2020-11-10 09:38:51
nessus
nessus
EulerOS 2.0 SP8 : python2 (EulerOS-SA-2020-1822)
2020-07-30 00:00:00
Fedora 31 : python2 (2020-826b24c329)
2020-08-06 00:00:00
SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:2276-1)
2020-08-20 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-20907 affecting package python3 3.7.7-2
2021-07-08 21:56:42
CVE-2019-20907 affecting package python2 2.7.18-9
2020-11-30 19:30:47
CVE-2019-20907 affecting package python2 for versions less than 2.7.18-8
2022-04-09 06:51:57
nvd
nvd
CVE-2019-20907
2020-07-13 13:15:10
fedora
fedora
[SECURITY] Fedora 32 Update: python39-3.9.0~b5-1.fc32
2020-07-30 18:57:22
[SECURITY] Fedora 31 Update: python39-3.9.0~b5-1.fc31
2020-07-30 19:09:04
[SECURITY] Fedora 31 Update: python2-2.7.18-2.fc31
2020-08-06 03:57:04
amazon
amazon
Medium: python
2020-09-01 00:40:00
Medium: python27
2020-08-27 00:20:00
Medium: python3
2020-09-01 00:40:00
ibm
ibm
alpinelinux
alpinelinux
CVE-2019-20907
2020-07-13 13:15:10
osv
osv
CVE-2019-20907
2020-07-13 13:15:10
Infinite loop in tarfile module while opening a crafted file
2020-07-13 00:00:00
python3.5 - security update
2020-11-18 00:00:00
cvelist
cvelist
CVE-2019-20907
2020-07-13 00:00:00
prion
prion
Input validation
2020-07-13 13:15:00
debiancve
debiancve
CVE-2019-20907
2020-07-13 13:15:10
centos
centos
python, tkinter security update
2020-11-18 17:21:38
python3 security update
2020-11-18 17:23:37
cve
cve
CVE-2019-20907
2020-07-13 13:15:10
oraclelinux
oraclelinux
python security update
2020-11-13 00:00:00
python27:2.7 security update
2020-11-10 00:00:00
python3 security update
2020-11-13 00:00:00
ubuntucve
ubuntucve
CVE-2019-20907
2020-07-13 00:00:00
debian
debian
[SECURITY] [DLA 2456-1] python3.5 security update
2020-11-19 03:44:14
almalinux
almalinux
Moderate: python27:2.7 security update
2020-11-03 12:24:08
Moderate: python3 security and bug fix update
2020-11-03 12:04:08
Moderate: python38:3.8 security, bug fix, and enhancement update
2020-11-03 12:23:02
gentoo
gentoo
Python: Multiple vulnerabilities
2020-08-02 00:00:00
rocky
rocky
python27:2.7 security update
2020-11-03 12:24:08
python38:3.8 security, bug fix, and enhancement update
2020-11-03 12:23:02
rosalinux
rosalinux
Advisory ROSA-SA-2023-2202
2023-07-25 10:31:09
Advisory ROSA-SA-2023-2203
2023-08-01 12:58:39
cloudfoundry
cloudfoundry
USN-4428-1: Python vulnerabilities | Cloud Foundry
2020-08-27 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2020-07-22 00:00:00
freebsd
freebsd
Python -- multiple vulnerabilities
2020-08-19 00:00:00
archlinux
archlinux
[ASA-202103-27] python2: multiple issues
2021-03-25 00:00:00