---

CVE-2020-29651 - log back

CVE-2020-29651 edited at 16 Dec 2020 16:28:01
References	https://github.com/pytest-dev/py/issues/256 https://github.com/pytest-dev/py/pull/257 - https://github.com/pytest-dev/py/pull/257/commits/4a9017dc6199d2a564b6e4b0aa39d6d8870e4144 + https://github.com/pytest-dev/py/commit/92e36e60b22e2520337748f950e3d885e0c7c551

CVE-2020-29651 edited at 09 Dec 2020 10:52:44
Severity	- Unknown + Low
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	+ A denial of service via regular expression in the py.path.svnwc component of python-py up to 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.
References	+ https://github.com/pytest-dev/py/issues/256 + https://github.com/pytest-dev/py/pull/257 + https://github.com/pytest-dev/py/pull/257/commits/4a9017dc6199d2a564b6e4b0aa39d6d8870e4144
Notes

CVE-2020-29651 created at 09 Dec 2020 10:47:06