FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tauthon -- Regular Expression Denial of Service

Affected packages
tauthon < 2.8.3

Details

VuXML ID c7855866-c511-11eb-ae1d-b42e991fc52e
Discovery 2020-01-30
Entry 2021-06-04

The :class:`~urllib.request.AbstractBasicAuthHandler` class of the :mod:`urllib.request` module uses an inefficient regular expression which can be exploited by an attacker to cause a denial of service

References

CVE Name CVE-2020-8492
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492