CVEs-PoC/2020/CVE-2020-10735.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 19:17:37 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.

POC

Reference

https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Live-Hack-CVE/CVE-2020-10735
https://github.com/NathanielAPawluk/sec-buddy
https://github.com/Vizonex/PyRandom128

1.0 KiB Raw Blame History

CVE-2020-10735

Description

POC

Reference

Github

1.0 KiB

Raw Blame History