Summary: | <dev-python/idna-3.7: potential DoS via resource consumption via specially crafted inputs to idna.encode() | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michał Górny <mgorny> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | normal | CC: | python |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/kjd/idna/security/advisories/GHSA-jjg7-2v4v-x38h | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 929196 | ||
Bug Blocks: |
> A specially crafted argument to the idna.encode() function could consume significant resources. This may lead to a denial-of-service. Fixed in 3.7. Stabilization and cleanup already done.