{"id":"CVE-2020-29651","details":"A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.","aliases":["GHSA-hj5v-574p-mj7c","PYSEC-2020-92"],"modified":"2026-04-09T07:12:31.789051Z","published":"2020-12-09T07:15:12.533Z","related":["MGASA-2021-0071","SUSE-FU-2022:0444-1","SUSE-FU-2022:0445-1","SUSE-SU-2021:1859-1","SUSE-SU-2021:1962-1","SUSE-SU-2021:1963-1","SUSE-SU-2021:2236-1","SUSE-SU-2021:2554-1","SUSE-SU-2022:2831-1","openSUSE-SU-2021:0851-1","openSUSE-SU-2021:1859-1","openSUSE-SU-2024:11108-1","openSUSE-SU-2024:11252-1","openSUSE-SU-2024:14153-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYWNYEV3FGDHPIHX4DDUDMFZ6NLCQRC4/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHDTINIBJZ67T3W74QTBIY5LPKAXEOGR/"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00024.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"ADVISORY","url":"https://github.com/pytest-dev/py/issues/256"},{"type":"ADVISORY","url":"https://github.com/pytest-dev/py/pull/257"},{"type":"FIX","url":"https://github.com/pytest-dev/py/pull/257/commits/4a9017dc6199d2a564b6e4b0aa39d6d8870e4144"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pytest-dev/py","events":[{"introduced":"0"},{"last_affected":"b344f5b51fd3ec260d180d93e43b4796f1da57b9"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.9.0"}]}}],"versions":["1.0.0b3","1.1.0","1.1.1","1.2.0","1.2.1","1.3.0","1.3.1","1.3.2","1.3.3","1.4.0","1.4.1","1.4.10","1.4.11","1.4.12","1.4.13","1.4.14","1.4.15","1.4.16","1.4.17","1.4.18","1.4.19","1.4.2","1.4.20","1.4.21","1.4.23","1.4.24","1.4.25","1.4.26","1.4.27","1.4.28","1.4.29","1.4.3","1.4.30","1.4.31","1.4.34","1.4.4","1.4.6","1.4.7","1.4.9","1.5.3","1.9.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"last_affected":"8.8"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-29651.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}