← volver
CVE-2018-1060

CVE-2018-1060

CVSS 4.3 MEDIUMEPSS 5.1%CWE-20
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Productos afectados
[UNKNOWN] · python

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.htmlhttps://access.redhat.com/errata/RHBA-2019:0327https://access.redhat.com/errata/RHSA-2018:3041https://access.redhat.com/errata/RHSA-2018:3505https://access.redhat.com/errata/RHSA-2019:1260https://access.redhat.com/errata/RHSA-2019:3725https://bugs.python.org/issue32981https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1https://lists.debian.org/debian-lts-announce/2018/09/msg00030.htmlhttps://lists.debian.org/debian-lts-announce/2018/09/msg00031.html