CVE-2020-8492

HIGH

Description

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

References

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html

https://bugs.python.org/issue39503

https://github.com/python/cpython/pull/18284

https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/7WOKDEXLYW5UQ4S7PA7E37IITOC7C56J/

https://lists.fedoraproject.org/archives/list/[email protected]/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/

https://lists.fedoraproject.org/archives/list/[email protected]/message/APGWEMYZIY5VHLCSZ3HD67PA5Z2UQFGH/

https://lists.fedoraproject.org/archives/list/[email protected]/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/

https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html

https://security.gentoo.org/glsa/202005-09

https://security.netapp.com/advisory/ntap-20200221-0001/

https://usn.ubuntu.com/4333-1/

https://usn.ubuntu.com/4333-2/

Details

Source: MITRE

Published: 2020-01-30

Updated: 2020-07-15

Type: CWE-400

Risk Information

CVSS v2.0

Base Score: 7.1

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8.6

Severity: HIGH

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 2.7.0 to 2.7.17 (inclusive)

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 3.5.0 to 3.5.9 (inclusive)

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 3.6.0 to 3.6.10 (inclusive)

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 3.7.0 to 3.7.6 (inclusive)

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 3.8.0 to 3.8.1 (inclusive)

Configuration 2

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Tenable Plugins

View all (37 total)

ID	Name	Product	Family	Severity
141218	Oracle Linux 7 : python3 (ELSA-2020-3888)	Nessus	Oracle Linux Local Security Checks	medium
141029	RHEL 7 : python3 (RHSA-2020:3888)	Nessus	Red Hat Local Security Checks	medium
140678	FreeBSD : Python -- multiple vulnerabilities (2cb21232-fb32-11ea-a929-a4bf014bf5f7)	Nessus	FreeBSD Local Security Checks	medium
139339	Amazon Linux 2 : python / python3 (ALAS-2020-1471)	Nessus	Amazon Linux Local Security Checks	high
139087	Amazon Linux AMI : python27 / python34, python35, python36 (ALAS-2020-1407)	Nessus	Amazon Linux Local Security Checks	high
139086	Amazon Linux AMI : python26 (ALAS-2020-1406)	Nessus	Amazon Linux Local Security Checks	high
138529	Debian DLA-2280-1 : python3.5 security update	Nessus	Debian Local Security Checks	medium
138368	Fedora 31 : python36 (2020-ea5bdbcc90)	Nessus	Fedora Local Security Checks	medium
138125	FreeBSD : Python -- multiple vulnerabilities (33c05d57-bf6e-11ea-ba1e-0800273f78d3)	Nessus	FreeBSD Local Security Checks	medium
138114	Fedora 32 : python36 (2020-8bdd3fd7a4)	Nessus	Fedora Local Security Checks	medium
137877	Photon OS 1.0: Python3 PHSA-2020-1.0-0304	Nessus	PhotonOS Local Security Checks	medium
137580	SUSE SLES12 Security Update : python (SUSE-SU-2020:1524-1)	Nessus	SuSE Local Security Checks	medium
137488	EulerOS 2.0 SP2 : python (EulerOS-SA-2020-1646)	Nessus	Huawei Local Security Checks	high
137118	Fedora 32 : python3 (2020-98e0f0f11b)	Nessus	Fedora Local Security Checks	high
137089	Amazon Linux 2 : python (ALAS-2020-1432)	Nessus	Amazon Linux Local Security Checks	medium
136954	Fedora 31 : python38 (2020-6a88dad4a0)	Nessus	Fedora Local Security Checks	high
136639	GLSA-202005-09 : Python: Denial of Service	Nessus	Gentoo Local Security Checks	high
136281	Ubuntu 20.04 : Python vulnerabilities (USN-4333-2)	Nessus	Ubuntu Local Security Checks	medium
136219	EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1516)	Nessus	Huawei Local Security Checks	high
135944	FreeBSD : Python -- Regular Expression DoS attack against client (a27b0bb6-84fc-11ea-b5b4-641c67a117d8)	Nessus	FreeBSD Local Security Checks	high
135894	Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : Python vulnerabilities (USN-4333-1)	Nessus	Ubuntu Local Security Checks	medium
135785	Photon OS 3.0: Python3 PHSA-2020-3.0-0078	Nessus	PhotonOS Local Security Checks	high
135784	Photon OS 3.0: Python2 PHSA-2020-3.0-0078	Nessus	PhotonOS Local Security Checks	high
135634	EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1472)	Nessus	Huawei Local Security Checks	high
135556	EulerOS 2.0 SP3 : python (EulerOS-SA-2020-1427)	Nessus	Huawei Local Security Checks	high
135492	Photon OS 1.0: Python2 PHSA-2020-1.0-0288	Nessus	PhotonOS Local Security Checks	high
135299	Photon OS 2.0: Python3 PHSA-2020-2.0-0226	Nessus	PhotonOS Local Security Checks	high
135197	SUSE SLES12 Security Update : python3 (SUSE-SU-2020:0854-1)	Nessus	SuSE Local Security Checks	medium
135133	EulerOS Virtualization for ARM 64 3.0.6.0 : python3 (EulerOS-SA-2020-1346)	Nessus	Huawei Local Security Checks	medium
135131	EulerOS Virtualization for ARM 64 3.0.6.0 : python2 (EulerOS-SA-2020-1344)	Nessus	Huawei Local Security Checks	high
134812	EulerOS 2.0 SP5 : python (EulerOS-SA-2020-1321)	Nessus	Huawei Local Security Checks	high
134788	EulerOS 2.0 SP8 : python3 (EulerOS-SA-2020-1296)	Nessus	Huawei Local Security Checks	high
134787	EulerOS 2.0 SP8 : python2 (EulerOS-SA-2020-1295)	Nessus	Huawei Local Security Checks	high
134286	SUSE SLES12 Security Update : python36 (SUSE-SU-2020:0557-1)	Nessus	SuSE Local Security Checks	high
134197	openSUSE Security Update : python3 (openSUSE-2020-274)	Nessus	SuSE Local Security Checks	high
134159	SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0510-1)	Nessus	SuSE Local Security Checks	high
134081	SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:0467-1)	Nessus	SuSE Local Security Checks	high