CVE-2020-8492 log

Source
Severity Low
Remote Yes
Type Denial of service
Description
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.
Group Package Affected Fixed Severity Status Ticket
AVG-1597 python2 2.7.18-2 Medium Vulnerable FS#68063
References
https://bugs.python.org/issue39503
https://github.com/python/cpython/pull/18284
https://github.com/python/cpython/commit/0b297d4ff1c0e4480ad33acae793fbaf4bf015b4