CVE-2018-18898

Опубликовано: 21 мар. 2019

Источник: debian

Описание

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libemail-address-list-perl	fixed	0.06-1		package
libemail-address-list-perl	fixed	0.05-1+deb9u1	stretch	package

Примечания

https://github.com/bestpractical/email-address-list/commit/a22e6b233443fe3ad1a408e50ecbd7237674817d
https://github.com/bestpractical/email-address-list/commit/6dd5021a6e5df2e8c86a163dc2e180a76a38e63b
https://github.com/bestpractical/email-address-list/commit/31bd4dc2dfb26fd6a17e4436df3d3c8904856f30

Связанные уязвимости

CVE-2018-18898

CVSS3: 7.5

ubuntu

почти 7 лет назад

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.

CVE-2018-18898

CVSS3: 7.5

nvd

почти 7 лет назад

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.

GHSA-6rmj-6826-5j8h

CVSS3: 7.5

github

больше 3 лет назад

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.