CVE-2018-1060
CVE-2018-1060
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected products
[UNKNOWN] · pythonWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.htmlhttps://access.redhat.com/errata/RHBA-2019:0327https://access.redhat.com/errata/RHSA-2018:3041https://access.redhat.com/errata/RHSA-2018:3505https://access.redhat.com/errata/RHSA-2019:1260https://access.redhat.com/errata/RHSA-2019:3725https://bugs.python.org/issue32981https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1https://lists.debian.org/debian-lts-announce/2018/09/msg00030.htmlhttps://lists.debian.org/debian-lts-announce/2018/09/msg00031.html