CVE-2020-10735

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-10735

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10735.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-10735

Aliases

Downstream

DEBIAN-CVE-2020-10735

DLA-3477-1

DLA-3966-1

DLA-3980-1

OESA-2022-1921

RHSA-2022:6766

RHSA-2022:7323

RHSA-2023:0833

RHSA-2023:2763

RHSA-2023:2764

RHSA-2024:0430

SUSE-SU-2022:3473-1

SUSE-SU-2022:3485-1

SUSE-SU-2022:3924-1

SUSE-SU-2022:4251-1

SUSE-SU-2022:4274-1

SUSE-SU-2022:4281-1

UBUNTU-CVE-2020-10735

openSUSE-SU-2024:12318-1

openSUSE-SU-2024:12336-1

openSUSE-SU-2024:12340-1

openSUSE-SU-2024:12341-1

openSUSE-SU-2024:12342-1

openSUSE-SU-2024:12910-1

openSUSE-SU-2024:14109-1

openSUSE-SU-2024:14434-1

openSUSE-SU-2025:14712-1

Related

Published

2022-09-09T14:15:08Z

Modified

2025-08-11T14:45:00.808302Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.

References

Affected packages

Git / github.com/python/cpython

Affected ranges

Type: GIT
Repo: https://github.com/python/cpython
Events: Introduced

1bf9cc509326bc42cd8cb1650eb9bf64550d817e

Fixed

e1ebdc52b8bd82a928398b0a75149552a723389a