Safety vulnerability ID: 67895
The information on this page was manually curated by our Cybersecurity Intelligence Team.
CVE-2024-3651 impacts the idna.encode() function, where a specially crafted argument could lead to significant resource consumption, causing a denial-of-service. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter.
Latest version: 3.7
Internationalized Domain Names in Applications (IDNA)
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application