Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-1060

Опубликовано: 18 июн. 2018
Источник: debian
EPSS Низкий

Описание

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python3.7fixed3.7.0~b3-1package
python3.6fixed3.6.5~rc1-1package
python3.5fixed3.5.6-1package
python3.4removedpackage
python3.2removedpackage
python3.2no-dsawheezypackage
python2.7fixed2.7.14-7package
python2.7no-dsawheezypackage
python2.6removedpackage
python2.6no-dsawheezypackage

Примечания

  • https://bugs.python.org/issue32981

  • https://github.com/python/cpython/commit/0e6c8ee2358a2e23117501826c008842acb835ac (master)

  • https://github.com/python/cpython/commit/0902a2d6b2d1d9dbde36aeaaccf1788ceaa97143 (3.7)

  • https://github.com/python/cpython/commit/c9516754067d71fd7429a25ccfcb2141fc583523 (3.6)

  • https://github.com/python/cpython/commit/937ac1fe069a4dc8471dff205f553d82e724015b (3.5)

  • https://github.com/python/cpython/commit/942cc04ae44825ea120e3a19a80c9b348b8194d0 (3.4)

  • https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2 (2.7)

EPSS

Процентиль: 74%
0.00855
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-1060

CVSS3: 7.5
ubuntu
около 7 лет назад

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

redhat логотип

CVE-2018-1060

CVSS3: 4.3
redhat
больше 7 лет назад

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

nvd логотип

CVE-2018-1060

CVSS3: 7.5
nvd
около 7 лет назад

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

github логотип

GHSA-7hp6-577h-hcgr

CVSS3: 7.5
github
около 3 лет назад

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

fstec логотип

BDU:2019-04237

CVSS3: 7.5
fstec
почти 7 лет назад

Уязвимость метода pop3lib apop() интерпретатора языка программирования Python, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 74%
0.00855
Низкий