QwikSec

Security Database

CVE

CWE

Training

CVE-2020-14422

Published: Jun 18, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.python.org/issue41004

https://github.com/python/cpython/pull/20956

openSUSE-SU-2020:0931

vendor-advisory

openSUSE-SU-2020:0940

vendor-advisory

[debian-lts-announce] 20200715 [SECURITY] [DLA 2280-1] python3.5 security update

mailing-list

FEDORA-2020-b513391ca8

vendor-advisory

FEDORA-2020-705c6ea5be

vendor-advisory

openSUSE-SU-2020:0989

vendor-advisory

openSUSE-SU-2020:1002

vendor-advisory

FEDORA-2020-dfb11916cc

vendor-advisory

vendor-advisory

FEDORA-2020-c3b07cc5c9

vendor-advisory

FEDORA-2020-bb919e575e

vendor-advisory

vendor-advisory

FEDORA-2020-1ddd5273d6

vendor-advisory

FEDORA-2020-87c0a0a52d

vendor-advisory

FEDORA-2020-efb908b6a8

vendor-advisory

FEDORA-2020-d808fdd597

vendor-advisory

FEDORA-2020-982b2950db

vendor-advisory

FEDORA-2020-c539babb0a

vendor-advisory

FEDORA-2020-d30881c970

vendor-advisory

https://www.oracle.com/security-alerts/cpujan2021.html

https://security.netapp.com/advisory/ntap-20200724-0004/

[debian-lts-announce] 20230515 [SECURITY] [DLA 3424-1] python-ipaddress security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.