Pypi · Encode · CVE-2021-40839
**Name of the Vulnerable Software and Affected Versions**
rencode package through 1.0.6 for Python
**Description**
The issue allows an infinite loop in typecode decoding, such as via `;x2fx7f`, enabling a remote attack that consumes CPU and memory.
**Recommendations**
For rencode package versions through 1.0.6, consider updating to a version later than 1.0.6 to resolve the issue.
As a temporary workaround, consider restricting the use of typecode decoding functionality until a patch is available.