Description

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.

Remediation

References

CVE-2024-7592

Related Vulnerabilities

WordPress Plugin Ad Invalid Click Protector (AICP) Malicious Code (1.2.9)

WordPress Plugin Advanced Import:One Click Import for WordPress or Theme Demo Data Cross-Site Request Forgery (1.3.7)

Oracle Database Server CVE-2011-0875 Vulnerability (CVE-2011-0875)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45151)

Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35361)

Severity

High

Classification

CVE-2024-7592 CWE-1333 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities