Unrated severityNVD Advisory· Published Apr 27, 2020· Updated Aug 4, 2024
CVE-2020-1722
CVE-2020-1722
Description
A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- osv-coords8 versionspkg:rpm/almalinux/custodiapkg:rpm/almalinux/python3-custodiapkg:rpm/almalinux/python3-jwcryptopkg:rpm/almalinux/python3-kdcproxypkg:rpm/almalinux/python3-pyusbpkg:rpm/almalinux/python3-qrcodepkg:rpm/almalinux/python3-qrcode-corepkg:rpm/almalinux/python3-yubico
< 0.6.0-3.module_el8.6.0+2881+2f24dc92+ 7 more
- (no CPE)range: < 0.6.0-3.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 0.6.0-3.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 0.5.0-1.module_el8.5.0+2641+983b221b
- (no CPE)range: < 0.4-5.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 1.0.0-9.module_el8.5.0+2641+983b221b
- (no CPE)range: < 5.1-12.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 5.1-12.module_el8.6.0+2737+7e73ea90
- (no CPE)range: < 1.3.2-9.module_el8.5.0+2641+983b221b
- Red Hat/ipav5Range: all ipa versions 4.x.x through 4.8.0
Patches
Vulnerability mechanics
References
1- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.