{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "state": "PUBLISHED", "cveId": "CVE-2020-10735", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2025-11-03T21:44:16.139Z", "dateReserved": "2020-03-20T00:00:00.000Z", "datePublished": "2022-09-09T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-06-30T22:06:31.040Z" }, "descriptions": [ { "lang": "en", "value": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability." } ], "affected": [ { "vendor": "n/a", "product": "python", "versions": [ { "version": "python 3.7", "status": "affected" } ] } ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2020-10735" }, { "url": "https://github.com/python/cpython/issues/95778" }, { "url": "https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834423" }, { "name": "FEDORA-2022-46a44a7f83", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/" }, { "name": "FEDORA-2022-66b65beccb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/" }, { "name": "FEDORA-2022-4b31e33ed0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/" }, { "name": "FEDORA-2022-6d57598a23", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/" }, { "name": "FEDORA-2022-f330bbfda2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/" }, { "name": "FEDORA-2022-29d436596f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/" }, { "name": "FEDORA-2022-b01214472e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/" }, { "name": "FEDORA-2022-dd5032bedf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/" }, { "name": "FEDORA-2022-8535093cba", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/" }, { "name": "FEDORA-2022-72213986b8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/" }, { "name": "[oss-security] 20220921 big ints in python: CVE-2020-10735", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/1" }, { "name": "[oss-security] 20220921 Re: big ints in python: CVE-2020-10735", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/4" }, { "name": "FEDORA-2022-f511f8f58b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/" }, { "name": "FEDORA-2022-c072cdc3c8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/" }, { "name": "FEDORA-2022-0b3904c674", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/" }, { "name": "FEDORA-2022-141f632a6f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/" }, { "name": "FEDORA-2022-ac82a548df", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/" }, { "name": "FEDORA-2022-d4570fc1a6", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/" }, { "name": "FEDORA-2022-b8b34e62ab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/" }, { "name": "FEDORA-2022-d1682fef04", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/" }, { "name": "FEDORA-2022-79843dfb3c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/" }, { "name": "FEDORA-2022-958fd7a32e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" } ], "problemTypes": [ { "descriptions": [ { "type": "text", "lang": "en", "description": "DoS" } ] } ] }, "adp": [ { "title": "CVE Program Container", "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2020-10735", "tags": [ "x_transferred" ] }, { "url": "https://github.com/python/cpython/issues/95778", "tags": [ "x_transferred" ] }, { "url": "https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y", "tags": [ "x_transferred" ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834423", "tags": [ "x_transferred" ] }, { "name": "FEDORA-2022-46a44a7f83", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/" }, { "name": "FEDORA-2022-66b65beccb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/" }, { "name": "FEDORA-2022-4b31e33ed0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/" }, { "name": "FEDORA-2022-6d57598a23", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/" }, { "name": "FEDORA-2022-f330bbfda2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/" }, { "name": "FEDORA-2022-29d436596f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/" }, { "name": "FEDORA-2022-b01214472e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/" }, { "name": "FEDORA-2022-dd5032bedf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/" }, { "name": "FEDORA-2022-8535093cba", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/" }, { "name": "FEDORA-2022-72213986b8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/" }, { "name": "[oss-security] 20220921 big ints in python: CVE-2020-10735", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/1" }, { "name": "[oss-security] 20220921 Re: big ints in python: CVE-2020-10735", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/4" }, { "name": "FEDORA-2022-f511f8f58b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/" }, { "name": "FEDORA-2022-c072cdc3c8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/" }, { "name": "FEDORA-2022-0b3904c674", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/" }, { "name": "FEDORA-2022-141f632a6f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/" }, { "name": "FEDORA-2022-ac82a548df", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/" }, { "name": "FEDORA-2022-d4570fc1a6", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/" }, { "name": "FEDORA-2022-b8b34e62ab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/" }, { "name": "FEDORA-2022-d1682fef04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/" }, { "name": "FEDORA-2022-79843dfb3c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/" }, { "name": "FEDORA-2022-958fd7a32e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html", "tags": [ "x_transferred" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00024.html" } ], "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:44:16.139Z" } } ] } }