VYPR
High severityNVD Advisory· Published Oct 16, 2022· Updated May 14, 2025

CVE-2022-42969

CVE-2022-42969

Description

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
pyPyPI
<= 1.11.0

Affected products

14

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.