Skip to content

[security][CVE-2020-8492] Denial of service in urllib.request.AbstractBasicAuthHandler #83684

Closed
Closed
[security][CVE-2020-8492] Denial of service in urllib.request.AbstractBasicAuthHandler#83684
Labels
3.10only security fixes3.11only security fixes3.7 (EOL)end of life3.8 (EOL)end of life3.9 (EOL)end of lifestdlibStandard Library Python modules in the Lib/ directorytype-securityA security issue
@vstinner

Description

@vstinner
vstinner
opened on Jan 30, 2020
BPO 39503
Nosy @vstinner, @larryhastings, @ned-deily, @mgorny, @koobs, @miss-islington, @ware, @tapakund, @bcaller
PRs
  • bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler #18284
  • [3.8] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler (GH-18284) #19291
  • [3.7] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler (GH-18284) #19292
  • [3.8] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler (GH-18284) #19296
  • [3.7] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler (GH-18284) #19297
  • [3.6] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler #19299
  • [3.5] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler #19301
  • [2.7] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler #19302
  • [3.6] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler (GH-18284) #19304
  • [3.5] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler (GH-18284) #19305
    		•
    Files
  • bench_parser.py
  • bench_parser2.py: Benchmark
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
closed_at = <Date 2020-06-20.08:33:12.125>
created_at = <Date 2020-01-30.15:11:29.386>
labels = ['type-security', '3.8', '3.9', '3.10', '3.11', '3.7', 'library']
title = '[security][CVE-2020-8492] Denial of service in urllib.request.AbstractBasicAuthHandler'
updated_at = <Date 2021-09-14.10:39:30.313>
user = 'https://github.com/vstinner'

    bugs.python.org fields:

    activity = <Date 2021-09-14.10:39:30.313>
actor = 'vstinner'
assignee = 'none'
closed = True
closed_date = <Date 2020-06-20.08:33:12.125>
closer = 'larry'
components = ['Library (Lib)']
creation = <Date 2020-01-30.15:11:29.386>
creator = 'vstinner'
dependencies = []
files = ['49016', '49023']
hgrepos = []
issue_num = 39503
keywords = ['patch']
message_count = 17.0
messages = ['361072', '361073', '361081', '361343', '364996', '365335', '365538', '365541', '365542', '365578', '365579', '365663', '371921', '401762', '401766', '401768', '401770']
nosy_count = 11.0
nosy_names = ['vstinner', 'larry', 'ned.deily', 'mgorny', 'koobs', 'miss-islington', 'ware', 'tapakund', 'Anselmo Melo', 'bc', 'sxt1001']
pr_nums = ['18284', '19291', '19292', '19296', '19297', '19299', '19301', '19302', '19304', '19305']
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'security'
url = 'https://bugs.python.org/issue39503'
versions = ['Python 3.7', 'Python 3.8', 'Python 3.9', 'Python 3.10', 'Python 3.11']

    Metadata

    Metadata

    Assignees

    No one assigned

      Labels

      3.10only security fixes3.11only security fixes3.7 (EOL)end of life3.8 (EOL)end of life3.9 (EOL)end of lifestdlibStandard Library Python modules in the Lib/ directorytype-securityA security issue

      Fields

      No fields configured for issues without a type.

      Projects

      No projects

      Milestone

      No milestone

      Relationships

      None yet

      Development

      No branches or pull requests

      Issue actions