python is vulnerable to denial of service (DoS). The vulnerability exists because of the urllib.request.AbstractBasicAuthHandler
catastrophic backtracking.
lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html
bugs.python.org/issue39503
github.com/python/cpython/pull/18284
lists.apache.org/thread.html/rdb31a608dd6758c6093fd645aea3fbf022dd25b37109b6aaea5bc0b5@%3Ccommits.cassandra.apache.org%3E
lists.apache.org/thread.html/rfec113c733162b39633fd86a2d0f34bf42ac35f711b3ec1835c774da@%3Ccommits.cassandra.apache.org%3E
lists.debian.org/debian-lts-announce/2020/07/msg00011.html
lists.fedoraproject.org/archives/list/[email protected]/message/7WOKDEXLYW5UQ4S7PA7E37IITOC7C56J/
lists.fedoraproject.org/archives/list/[email protected]/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/
lists.fedoraproject.org/archives/list/[email protected]/message/APGWEMYZIY5VHLCSZ3HD67PA5Z2UQFGH/
lists.fedoraproject.org/archives/list/[email protected]/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/
python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html
security.gentoo.org/glsa/202005-09
security.netapp.com/advisory/ntap-20200221-0001/
usn.ubuntu.com/4333-1/
usn.ubuntu.com/4333-2/