Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 929208 (CVE-2024-3651) - <dev-python/idna-3.7: potential DoS via resource consumption via specially crafted inputs to idna.encode()
Summary: <dev-python/idna-3.7: potential DoS via resource consumption via specially cr...
Status: CONFIRMED
Alias: CVE-2024-3651
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://github.com/kjd/idna/security/...
Whiteboard: A3 [glsa?]
Keywords:
Depends on: 929196
Blocks:
  Show dependency tree
 
Reported: 2024-04-12 11:41 UTC by Michał Górny
Modified: 2024-04-12 11:55 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2024-04-12 11:41:46 UTC
> A specially crafted argument to the idna.encode() function could consume significant resources. This may lead to a denial-of-service.

Fixed in 3.7.  Stabilization and cleanup already done.