Threat Encyclopedia

Incorrect Type Conversion or Cast Leading to Denial of Service CVE-2020-10735 in Python 3.7

description-logoDescription

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.

affected-products-logoAffected Applications

Python

CVE References

CVE-2020-10735

Telemetry logoTelemetry