Python versions before 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 are vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause a denial of service.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Python | Python | * | 2.7.15 (excluding) |
Python | Python | 3.0 (including) | 3.4.9 (excluding) |
Python | Python | 3.5.0 (including) | 3.5.5 (including) |
Python | Python | 3.6 (including) | 3.6.4 (including) |
Python | Python | 3.7.0-alpha1 (including) | 3.7.0-alpha1 (including) |
Python | Python | 3.7.0-alpha2 (including) | 3.7.0-alpha2 (including) |
Python | Python | 3.7.0-alpha3 (including) | 3.7.0-alpha3 (including) |
Python | Python | 3.7.0-alpha4 (including) | 3.7.0-alpha4 (including) |
Python | Python | 3.7.0-beta1 (including) | 3.7.0-beta1 (including) |
Python | Python | 3.7.0-beta2 (including) | 3.7.0-beta2 (including) |
Python | Python | 3.7.0-beta3 (including) | 3.7.0-beta3 (including) |
Python | Python | 3.7.0-beta4 (including) | 3.7.0-beta4 (including) |
Python | Python | 3.7.0-beta5 (including) | 3.7.0-beta5 (including) |
Python | Python | 3.7.0-rc1 (including) | 3.7.0-rc1 (including) |
Python2.7 | Ubuntu | artful | * |
Python2.7 | Ubuntu | trusty | * |
Python2.7 | Ubuntu | xenial | * |
Python3.4 | Ubuntu | trusty | * |
Python3.5 | Ubuntu | esm-infra-legacy/trusty | * |
Python3.5 | Ubuntu | trusty | * |
Python3.5 | Ubuntu | trusty/esm | * |
Python3.5 | Ubuntu | xenial | * |
Python3.6 | Ubuntu | artful | * |
Python3.7 | Ubuntu | artful | * |
Red Hat Enterprise Linux 7 | RedHat | python-0:2.7.5-76.el7 | * |
Red Hat Enterprise Linux 7.4 Advanced Update Support | RedHat | python-0:2.7.5-63.el7_4 | * |
Red Hat Enterprise Linux 7.4 Telco Extended Update Support | RedHat | python-0:2.7.5-63.el7_4 | * |
Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | RedHat | python-0:2.7.5-63.el7_4 | * |
Red Hat Enterprise Linux 7.5 Extended Update Support | RedHat | python-0:2.7.5-74.el7_5 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 6 | RedHat | python27-python-0:2.7.16-4.el6 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 6 | RedHat | python27-python-jinja2-0:2.6-12.el6 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 6 | RedHat | rh-python36-python-0:3.6.9-2.el6 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | python27-python-0:2.7.16-4.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | python27-python-jinja2-0:2.6-15.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-python36-python-0:3.6.9-2.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | python27-python-0:2.7.16-4.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | python27-python-jinja2-0:2.6-15.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | python27-python-0:2.7.16-4.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | python27-python-jinja2-0:2.6-15.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | rh-python36-python-0:3.6.9-2.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | python27-python-0:2.7.16-4.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | python27-python-jinja2-0:2.6-15.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | rh-python36-python-0:3.6.9-2.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | RedHat | rh-python36-python-0:3.6.9-2.el7 | * |