Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2020-8492: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

SUSE: CVE-2020-8492: SUSE Linux Security Advisory

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:C)

Published

01/30/2020

Created

03/06/2020

Added

03/03/2020

Modified

02/04/2022

Description

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

Solution(s)

suse-upgrade-libpython2_6-1_0
suse-upgrade-libpython2_6-1_0-32bit
suse-upgrade-libpython2_7-1_0
suse-upgrade-libpython2_7-1_0-32bit
suse-upgrade-libpython3_4m1_0
suse-upgrade-libpython3_4m1_0-32bit
suse-upgrade-libpython3_6m1_0
suse-upgrade-libpython3_6m1_0-32bit
suse-upgrade-libpython3_9-1_0
suse-upgrade-python
suse-upgrade-python-32bit
suse-upgrade-python-base
suse-upgrade-python-base-32bit
suse-upgrade-python-curses
suse-upgrade-python-demo
suse-upgrade-python-devel
suse-upgrade-python-doc
suse-upgrade-python-doc-pdf
suse-upgrade-python-gdbm
suse-upgrade-python-idle
suse-upgrade-python-rpm-macros
suse-upgrade-python-tk
suse-upgrade-python-xml
suse-upgrade-python3
suse-upgrade-python3-32bit
suse-upgrade-python3-base
suse-upgrade-python3-base-32bit
suse-upgrade-python3-curses
suse-upgrade-python3-dbm
suse-upgrade-python3-devel
suse-upgrade-python3-doc
suse-upgrade-python3-doc-devhelp
suse-upgrade-python3-idle
suse-upgrade-python3-testsuite
suse-upgrade-python3-tk
suse-upgrade-python3-tools
suse-upgrade-python36
suse-upgrade-python36-base
suse-upgrade-python39
suse-upgrade-python39-base
suse-upgrade-python39-curses
suse-upgrade-python39-dbm
suse-upgrade-python39-devel
suse-upgrade-python39-idle
suse-upgrade-python39-tk
suse-upgrade-python39-tools
suse-upgrade-shared-python-startup

References

SUSE-SU-2020:0467-1
SUSE-SU-2020:0510-1
SUSE-SU-2020:0557-1
SUSE-SU-2020:0854-1
SUSE-SU-2020:14306-1
SUSE-SU-2020:1524-1
SUSE-SU-2020:3563-1
SUSE-SU-2020:3865-1
SUSE-SU-2020:3930-1
USN-4333-1
USN-4333-2
USN-4754-3
USN-5200-1
CVE-2020-8492

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2020-8492: SUSE Linux Security Advisory

SUSE: CVE-2020-8492: SUSE Linux Security Advisory

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.