Lucene search

Veracode Vulnerability DatabaseVERACODE:38437

HistoryDec 12, 2022 - 8:25 a.m.

Denial Of Service (DoS)

2022-12-1208:25:10

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

python3

vulnerability

idna decoder

dos attacks

cpu

0.008 Low

EPSS

Percentile

81.5%

JSON

python3 is vulnerable to denial of service (DoS) attacks. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service.

CPENameOperatorVersion
python3:3.16eq3.10.8-r0
python3:3.16eq3.10.5-r0
python3:3.16eq3.10.4-r0
python3:3.16eq3.10.3-r1
python3:3.17eq3.10.8-r3
python3:3.15eq3.9.15-r0
python3:3.15eq3.9.7-r3
python3:3.15eq3.9.13-r1
python3:3.15eq3.9.7-r4
python3:edgeeq3.10.6-r1

Name	Operator	Version
python3:3.16	eq	3.10.8-r0
python3:3.16	eq	3.10.5-r0
python3:3.16	eq	3.10.4-r0
python3:3.16	eq	3.10.3-r1
python3:3.17	eq	3.10.8-r3
python3:3.15	eq	3.9.15-r0
python3:3.15	eq	3.9.7-r3
python3:3.15	eq	3.9.13-r1
python3:3.15	eq	3.9.7-r4
python3:edge	eq	3.10.6-r1

Rows per page:

1-10 of 1201

References

github.com/python/cpython/issues/98433

lists.debian.org/debian-lts-announce/2023/05/msg00024.html

lists.debian.org/debian-lts-announce/2023/06/msg00039.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/

lists.fedoraproject.org/archives/list/[email protected]/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/

lists.fedoraproject.org/archives/list/[email protected]/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/

lists.fedoraproject.org/archives/list/[email protected]/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/

lists.fedoraproject.org/archives/list/[email protected]/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/

lists.fedoraproject.org/archives/list/[email protected]/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/

lists.fedoraproject.org/archives/list/[email protected]/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/

lists.fedoraproject.org/archives/list/[email protected]/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/

lists.fedoraproject.org/archives/list/[email protected]/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/

lists.fedoraproject.org/archives/list/[email protected]/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/

lists.fedoraproject.org/archives/list/[email protected]/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/

lists.fedoraproject.org/archives/list/[email protected]/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/

lists.fedoraproject.org/archives/list/[email protected]/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/

lists.fedoraproject.org/archives/list/[email protected]/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/

lists.fedoraproject.org/archives/list/[email protected]/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/

lists.fedoraproject.org/archives/list/[email protected]/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/

lists.fedoraproject.org/archives/list/[email protected]/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/

lists.fedoraproject.org/archives/list/[email protected]/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/

lists.fedoraproject.org/archives/list/[email protected]/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/

lists.fedoraproject.org/archives/list/[email protected]/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/

lists.fedoraproject.org/archives/list/[email protected]/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/

lists.fedoraproject.org/archives/list/[email protected]/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/

lists.fedoraproject.org/archives/list/[email protected]/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/

lists.fedoraproject.org/archives/list/[email protected]/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/

lists.fedoraproject.org/archives/list/[email protected]/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/

lists.fedoraproject.org/archives/list/[email protected]/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/

lists.fedoraproject.org/archives/list/[email protected]/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/

lists.fedoraproject.org/archives/list/[email protected]/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/

lists.fedoraproject.org/archives/list/[email protected]/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/

lists.fedoraproject.org/archives/list/[email protected]/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/

secdb.alpinelinux.org/edge/main.yaml

secdb.alpinelinux.org/v3.14/main.yaml

secdb.alpinelinux.org/v3.15/main.yaml

secdb.alpinelinux.org/v3.16/main.yaml

secdb.alpinelinux.org/v3.17/main.yaml

security.gentoo.org/glsa/202305-02

security.netapp.com/advisory/ntap-20221209-0007/

0.008 Low

EPSS

Percentile

81.5%

JSON

Related for VERACODE:38437