Lucene search
GoogleOSV:PSF-2020-2HistoryJul 13, 2020 - 12:00 a.m.
Infinite loop in tarfile module while opening a crafted file
2020-07-1300:00:00
Google
osv.dev
12
tarfile module
crafted file
infinite loop
python 3.8.3
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
References
Related
nessus
nessus
NewStart CGSL CORE 5.05 / MAIN 5.05 : python Vulnerability (NS-SA-2021-0152)
2021-10-27 00:00:00
EulerOS 2.0 SP3 : python (EulerOS-SA-2020-2095)
2020-09-28 00:00:00
Photon OS 3.0: Python2 PHSA-2020-3.0-0118
2020-07-29 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:2275-1)
2021-04-19 00:00:00
CentOS: Security Advisory for python (CESA-2020:5009)
2020-11-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:2277-1)
2021-06-09 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: python39-3.9.0~b5-1.fc32
2020-07-30 18:57:22
[SECURITY] Fedora 31 Update: python39-3.9.0~b5-1.fc31
2020-07-30 19:09:04
[SECURITY] Fedora 32 Update: python3-3.8.5-1.fc32
2020-07-30 18:57:25
suse
suse
Security update for python3 (moderate)
2020-08-27 00:00:00
Security update for python3 (moderate)
2020-08-25 00:00:00
Security update for python (moderate)
2020-08-24 00:00:00
nvd
nvd
CVE-2019-20907
2020-07-13 13:15:10
redhat
redhat
(RHSA-2021:0761) Moderate: python security update
2021-03-09 08:48:14
(RHSA-2021:0881) Moderate: python security update
2021-03-16 13:07:52
(RHSA-2020:5009) Moderate: python security update
2020-11-10 09:38:51
veracode
veracode
Denial Of Service (DoS)
2020-08-06 21:29:42
redhatcve
redhatcve
CVE-2019-20907
2020-07-13 19:16:55
cbl_mariner
cbl_mariner
CVE-2019-20907 affecting package python3 3.7.7-2
2021-07-08 21:56:42
CVE-2019-20907 affecting package python2 for versions less than 2.7.18-8
2022-04-09 06:51:57
CVE-2019-20907 affecting package python2 2.7.18-9
2020-11-30 19:30:47
centos
centos
python, tkinter security update
2020-11-18 17:21:38
python3 security update
2020-11-18 17:23:37
ibm
ibm
f5
f5
K78284681 : Python tarfile library vulnerability CVE-2019-20907
2021-06-01 00:00:00
amazon
amazon
Medium: python
2020-09-01 00:40:00
Medium: python27
2020-08-27 00:20:00
Medium: python34, python35, python36
2020-09-03 22:08:00
cvelist
cvelist
CVE-2019-20907
2020-07-13 00:00:00
debiancve
debiancve
CVE-2019-20907
2020-07-13 13:15:10
prion
prion
Input validation
2020-07-13 13:15:00
osv
osv
CVE-2019-20907
2020-07-13 13:15:10
python3.5 - security update
2020-11-18 00:00:00
Moderate: python27:2.7 security update
2020-11-03 12:24:08
alpinelinux
alpinelinux
CVE-2019-20907
2020-07-13 13:15:10
oraclelinux
oraclelinux
python security update
2020-11-13 00:00:00
python3 security update
2020-11-13 00:00:00
python27:2.7 security update
2020-11-10 00:00:00
cve
cve
CVE-2019-20907
2020-07-13 13:15:10
ubuntucve
ubuntucve
CVE-2019-20907
2020-07-13 00:00:00
redos
redos
ROS-20240704-10
2024-07-04 00:00:00
almalinux
almalinux
Moderate: python27:2.7 security update
2020-11-03 12:24:08
Moderate: python3 security and bug fix update
2020-11-03 12:04:08
Moderate: python38:3.8 security, bug fix, and enhancement update
2020-11-03 12:23:02
debian
debian
[SECURITY] [DLA 2456-1] python3.5 security update
2020-11-19 03:44:14
rocky
rocky
python27:2.7 security update
2020-11-03 12:24:08
python38:3.8 security, bug fix, and enhancement update
2020-11-03 12:23:02
gentoo
gentoo
Python: Multiple vulnerabilities
2020-08-02 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2202
2023-07-25 10:31:09
ubuntu
ubuntu
Python vulnerabilities
2020-07-22 00:00:00
cloudfoundry
cloudfoundry
USN-4428-1: Python vulnerabilities | Cloud Foundry
2020-08-27 00:00:00
freebsd
freebsd
Python -- multiple vulnerabilities
2020-08-19 00:00:00