Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-29510 - log back

CVE-2021-29510 edited at 12 May 2021 17:41:33

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Denial of service

Description

+	A security issue has been found in pydantic before version 1.8.2. Passing either 'infinity', 'inf' or float('inf') (or their negatives) to datetime or date fields causes validation to run forever with 100% CPU usage (on one CPU).

References

+	https://github.com/samuelcolvin/pydantic/security/advisories/GHSA-5jqp-qgf6-3pvh
+	https://github.com/samuelcolvin/pydantic/commit/1c24f1d74ba95ea985b50bdc001ce96c813229aa

Notes

CVE-2021-29510 created at 12 May 2021 17:38:22