-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CVE-2020-14422] Hash collisions in IPv4Interface and IPv6Interface #55
Comments
frenzymadness
added a commit
to frenzymadness/ipaddress
that referenced
this issue
Aug 3, 2020
The __hash__() methods of classes IPv4Interface and IPv6Interface had issue of generating constant hash values of 32 and 128 respectively causing hash collisions. The fix uses the hash() function to generate hash values for the objects instead of XOR operation Fixes: phihag#55
frenzymadness
added a commit
to frenzymadness/ipaddress
that referenced
this issue
Nov 20, 2020
The __hash__() methods of classes IPv4Interface and IPv6Interface had issue of generating constant hash values of 32 and 128 respectively causing hash collisions. The fix uses the hash() function to generate hash values for the objects instead of XOR operation Fixes: phihag#55
This was referenced Dec 26, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As described in https://bugs.python.org/issue41004, the ipaddress module is vulernable to hash collisions. The upstream fix should be back ported here too.
The text was updated successfully, but these errors were encountered: