CVE-2020-14422
published 2020-06-18CVE-2020-14422: Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to…
PriorityP337medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
EPSS
12.83%
95.8th percentile
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-ipaddress | — | — |
| debian | python2.7 | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cm1_python3_3.7.10-3_on_cbl_mariner_1.0 | — | — |
| opensuse | leap | — | — |
| opensuse | leap | — | — |
| oracle | enterprise_manager_ops_center | — | — |
| python | python | >= 3.0.0 < 3.5.10 | 3.5.10 |
| python | python | >= 3.6.0 < 3.6.12 | 3.6.12 |
| python | python | >= 3.7.0 < 3.7.9 | 3.7.9 |
| python | python | >= 3.8.0 < 3.8.4 | 3.8.4 |
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv7.6HIGH
vendor_ubuntu7.6HIGH
vendor_debian5.9MEDIUM
vendor_msrc5.9MEDIUM
vendor_redhat5.9MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12 vulnerabilities
osv·2024-07-11·CVSS 7.6
CVE-2015-20107 [HIGH] python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12 vulnerabilities
python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12 vulnerabilities
It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2015-20107)
It was discovered that Python incorrectly used regular expressions
vulnerable to catastrophic backtracking. A remote attacker could possibly
use this issue to cause a denial of service. This issue only affected
Ubuntu 14.04 LTS. (CVE-2018-1060, CVE-2018-1061)
It was discovered that Python failed to initialize Expat’s hash salt. A
remote attacker could possibly use this issue to cause hash collisions,
leading to a denial of service. This issue only affected Ubuntu 14.04 L
GHSA
Incorrect Calculation and Use of Insufficiently Random Values in Python
ghsa_unreviewed·2021-05-11
CVE-2020-14422 [MEDIUM] CWE-330 Incorrect Calculation and Use of Insufficiently Random Values in Python
Incorrect Calculation and Use of Insufficiently Random Values in Python
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created.
OSV
python2.7, python3.4, python3.5, python3.6, python3.8 vulnerabilities
osv·2020-07-22·CVSS 7.5
CVE-2019-17514 [HIGH] python2.7, python3.4, python3.5, python3.6, python3.8 vulnerabilities
python2.7, python3.4, python3.5, python3.6, python3.8 vulnerabilities
It was discovered that Python documentation had a misleading information.
A security issue could be possibly caused by wrong assumptions of this information.
This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and
Ubuntu 18.04 LTS. (CVE-2019-17514)
It was discovered that Python incorrectly handled certain TAR archives.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2019-20907)
It was discovered that incorrectly handled certain ZIP files. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-9674)
It was discovered that Python incorrectl
OSV
CVE-2020-14422: Lib/ipaddress
osv·2020-06-18·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422: Lib/ipaddress
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.
Ubuntu
Python vulnerabilities
vendor_ubuntu·2024-07-11·CVSS 7.6
CVE-2021-29921 [HIGH] Python vulnerabilities
Title: Python vulnerabilities
Summary: Several security issues were fixed in Python.
It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2015-20107)
It was discovered that Python incorrectly used regular expressions
vulnerable to catastrophic backtracking. A remote attacker could possibly
use this issue to cause a denial of service. This issue only affected
Ubuntu 14.04 LTS. (CVE-2018-1060, CVE-2018-1061)
It was discovered that Python failed to initialize Expat’s hash salt. A
remote attacker could possibly use this issue to cause hash collisions,
leading to a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2018-14647)
CISA ICS
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
cisa_ics·2023-12-14
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
ICS Advisory
##
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
Release DateDecember 14, 2023
Alert CodeICSA-23-348-10
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
- Vulnerabilities: Improper Restriction of XML External Entity Reference, Time-of-check Time-of-use (TOCTOU) Race Condition, Command Injection, Miss
Ubuntu
Python vulnerabilities
vendor_ubuntu·2020-07-22·CVSS 7.5
CVE-2019-20907 [HIGH] Python vulnerabilities
Title: Python vulnerabilities
Summary: Several security issues were fixed in Python.
It was discovered that Python documentation had a misleading information.
A security issue could be possibly caused by wrong assumptions of this information.
This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and
Ubuntu 18.04 LTS. (CVE-2019-17514)
It was discovered that Python incorrectly handled certain TAR archives.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2019-20907)
It was discovered that incorrectly handled certain ZIP files. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-9674)
It was discovered that P
Red Hat
python: DoS via inefficiency in IPv{4,6}Interface classes
vendor_redhat·2020-06-18·CVSS 5.9
CVE-2020-14422 [MEDIUM] CWE-400 python: DoS via inefficiency in IPv{4,6}Interface classes
python: DoS via inefficiency in IPv{4,6}Interface classes
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.
A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performanc
Microsoft
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes which might allow a remote attacker to cause a denial of service if an applicati
vendor_msrc·2020-06-09·CVSS 5.9
CVE-2020-14422 [MEDIUM] CWE-682 Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes which might allow a remote attacker to cause a denial of service if an applicati
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10 v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4 v3.8.4rc1 v3.8.5 v3.8.6 v3.8.6rc1; v3.9.0 v3.9.0b4 v3.9.0b5 v3.9.0rc1 v3.9.0rc2.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recen
Debian
CVE-2020-14422: python-ipaddress - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the ...
vendor_debian·2020·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422: python-ipaddress - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the ...
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.
Scope: local
bullseye: open
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-14422 python-pip: python: DoS via inefficiency in IPv{4,6}Interface classes [epel-all]
bugzilla·2020-07-15·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python-pip: python: DoS via inefficiency in IPv{4,6}Interface classes [epel-all]
CVE-2020-14422 python-pip: python: DoS via inefficiency in IPv{4,6}Interface classes [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple su
Bugzilla
CVE-2020-14422 python-pip: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-15·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python-pip: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python-pip: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multipl
Bugzilla
CVE-2020-14422 python-ipaddress: python: DoS via inefficiency in IPv{4,6}Interface classes
bugzilla·2020-07-15·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python-ipaddress: python: DoS via inefficiency in IPv{4,6}Interface classes
CVE-2020-14422 python-ipaddress: python: DoS via inefficiency in IPv{4,6}Interface classes
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple suppo
Bugzilla
CVE-2020-14422 mingw-python3: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 mingw-python3: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 mingw-python3: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects mult
Bugzilla
CVE-2020-14422 python34: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python34: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python34: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue aff
Bugzilla
CVE-2020-14422 python27: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python27: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python27: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla
CVE-2020-14422 python37: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python37: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python37: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla
CVE-2020-14422 python38: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python38: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python38: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla
CVE-2020-14422 python39: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python39: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python39: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla
CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface classes
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface classes
CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface classes
A vulnerability was found in Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created.
References:
https://bugs.python.org/issue41004
https://github.com/python/cpython/pull/20956
Discussion:
Created mingw-python3 tracking bugs for this issue:
Affects: fedora-all [bug 1854936]
Created python2 tracking bugs for this issue:
Affects: fedora-all [bug 1854931]
Created python26 tracking bugs for this issue:
A
Bugzilla
CVE-2020-14422 python26: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python26: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python26: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue aff
Bugzilla
CVE-2020-14422 python35: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python35: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python35: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla
CVE-2020-14422 python36: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python36: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python36: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla
CVE-2020-14422 python2: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python2: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python2: python: Denial of service via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affe
Bugzilla
CVE-2020-14422 python3: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python3: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
CVE-2020-14422 python3: python: DoS via inefficiency in IPv{4,6}Interface classes [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple s
Bugzilla
CVE-2020-14422 python34: python: DoS via inefficiency in IPv{4,6}Interface classes [epel-all]
bugzilla·2020-07-08·CVSS 5.9
CVE-2020-14422 [MEDIUM] CVE-2020-14422 python34: python: DoS via inefficiency in IPv{4,6}Interface classes [epel-all]
CVE-2020-14422 python34: python: DoS via inefficiency in IPv{4,6}Interface classes [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supp
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00032.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00041.htmlhttps://bugs.python.org/issue41004https://github.com/python/cpython/pull/20956https://lists.debian.org/debian-lts-announce/2020/07/msg00011.htmlhttps://lists.debian.org/debian-lts-announce/2023/05/msg00016.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36XI3EEQNMHGOZEI63Y7UV6XZRELYEAU/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNHPQGSP2YM3JAUD2VAMPXTIUQTZ2M2U/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTUNTBJ3POHONQOTLEZC46POCIYYTAKZ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCCZTAYZATTNSNEAXWA7U3HCO2OVQKT5/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE4O3PNDNNOMSKHNUKZKD3NGHIFUFDPX/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NTBKKOLFFNHG6CM4ACDX4APHSD5ZX5N4/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3TALOUBYU2MQD4BPLRTDQUMBKGCAXUA/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V53P2YOLEQH4J7S5QHXMKMZYFTVVMTMO/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VT4AF72TJ2XNIKCR4WEBR7URBJJ4YZRD/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X36Y523UAZY5QFXZAAORNFY63HLBWX7N/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILCHHTNLH4GG4GSQBX2MZRKZBXOLCKE/https://security.gentoo.org/glsa/202008-01https://security.netapp.com/advisory/ntap-20200724-0004/https://usn.ubuntu.com/4428-1/https://www.oracle.com/security-alerts/cpujan2021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00032.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00041.htmlhttps://bugs.python.org/issue41004https://github.com/python/cpython/pull/20956https://lists.debian.org/debian-lts-announce/2020/07/msg00011.htmlhttps://lists.debian.org/debian-lts-announce/2023/05/msg00016.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36XI3EEQNMHGOZEI63Y7UV6XZRELYEAU/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNHPQGSP2YM3JAUD2VAMPXTIUQTZ2M2U/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTUNTBJ3POHONQOTLEZC46POCIYYTAKZ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCCZTAYZATTNSNEAXWA7U3HCO2OVQKT5/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE4O3PNDNNOMSKHNUKZKD3NGHIFUFDPX/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NTBKKOLFFNHG6CM4ACDX4APHSD5ZX5N4/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3TALOUBYU2MQD4BPLRTDQUMBKGCAXUA/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V53P2YOLEQH4J7S5QHXMKMZYFTVVMTMO/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VT4AF72TJ2XNIKCR4WEBR7URBJJ4YZRD/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X36Y523UAZY5QFXZAAORNFY63HLBWX7N/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILCHHTNLH4GG4GSQBX2MZRKZBXOLCKE/https://security.gentoo.org/glsa/202008-01https://security.netapp.com/advisory/ntap-20200724-0004/https://usn.ubuntu.com/4428-1/https://www.oracle.com/security-alerts/cpujan2021.html
2020-06-18
Published