CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-42969
https://notcve.org/view.php?id=CVE-2022-42969
16 Oct 2022 — The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability. py library versiones hasta 1.11.0, para Python permite a atacantes remotos llevar a cabo un ataque ReDoS (Expresión Regular de Denegación de Servic... • https://github.com/pytest-dev/py/blob/cb87a83960523a2367d0f19226a73aed4ce4291d/py/_path/svnurl.py#L316 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-29651 – Ubuntu Security Notice USN-5138-1
https://notcve.org/view.php?id=CVE-2020-29651
09 Dec 2020 — A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. Una denegación de servicio por medio de una expresión regular en el componente py.path.svnwc de py (también se conoce como python-py) versiones hasta 1.9.0, podría ser usada por atacantes para causar un ataque de denegación de servicio del compute-time al suministrar u... • https://github.com/pytest-dev/py/issues/256 •