Lucene search
GoogleOSV:CVE-2021-40839HistorySep 10, 2021 - 2:15 a.m.
CVE-2021-40839
2021-09-1002:15:07
Google
osv.dev
8
python
rencode
remote attack
EPSS
0.004
Percentile
74.7%
The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory.
References
github.com/aresch/rencode/commit/572ff74586d9b1daab904c6f7f7009ce0143bb75
github.com/aresch/rencode/pull/29
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMVQRPDVSVZNGGX57CFKCYT3DEYO4QB6/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCLETLGVM5DBX6QNHQFW6TWGO5T3DENY/
pypi.org/project/rencode/#history
seclists.org/fulldisclosure/2021/Sep/16
security.netapp.com/advisory/ntap-20211008-0001/
Related
freebsd
freebsd
py39-rencode -- infinite loop that could lead to Denial of Service
2021-09-09 00:00:00
debiancve
debiancve
CVE-2021-40839
2021-09-10 02:15:07
osv
osv
PYSEC-2021-345
2021-09-10 02:15:00
Infinite Loop in rencode
2021-09-13 20:05:51
github
github
Infinite Loop in rencode
2021-09-13 20:05:51
openvas
openvas
Fedora: Security Advisory for python-rencode (FEDORA-2022-1033a2718b)
2022-02-15 00:00:00
Fedora: Security Advisory for python-rencode (FEDORA-2022-02340931ec)
2022-02-15 00:00:00
Mageia: Security Advisory (MGASA-2022-0167)
2022-05-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-11-01 15:03:03
ubuntucve
ubuntucve
CVE-2021-40839
2021-09-10 00:00:00
mageia
mageia
Updated python-rencode packages fix security vulnerability
2022-05-12 13:24:45
fedora
fedora
[SECURITY] Fedora 34 Update: python-rencode-1.0.6-17.fc34
2022-02-15 01:17:50
[SECURITY] Fedora 35 Update: python-rencode-1.0.6-17.fc35
2022-02-15 01:38:42
cvelist
cvelist
CVE-2021-40839
2021-09-10 01:03:33
prion
prion
Code injection
2021-09-10 02:15:00
nvd
nvd
CVE-2021-40839
2021-09-10 02:15:07
alpinelinux
alpinelinux
CVE-2021-40839
2021-09-10 02:15:07
cve
cve
CVE-2021-40839
2021-09-10 02:15:07