CVE-2017-18361

Опубликовано: 01 фев. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

In Pylons Colander through 1.6, the URL validator allows an attacker to potentially cause an infinite loop thereby causing a denial of service via an unclosed parenthesis.

Ссылки

https://github.com/Pylons/colander/issues/290
Exploit
Issue Tracking
Third Party Advisory
https://github.com/Pylons/colander/pull/323
Patch
Third Party Advisory
https://github.com/Pylons/colander/issues/290
Exploit
Issue Tracking
Third Party Advisory
https://github.com/Pylons/colander/pull/323
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pylonsproject:colander:*:*:*:*:*:*:*:*

Версия до 1.6 (включая)

EPSS

Процентиль: 32%

0.00127

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-835

Связанные уязвимости

CVE-2017-18361

CVSS3: 7.5

ubuntu

около 7 лет назад

In Pylons Colander through 1.6, the URL validator allows an attacker to potentially cause an infinite loop thereby causing a denial of service via an unclosed parenthesis.

CVE-2017-18361

CVSS3: 7.5

debian

около 7 лет назад

In Pylons Colander through 1.6, the URL validator allows an attacker t ...

GHSA-rv95-4wxj-6fqq

CVSS3: 7.5

github

почти 7 лет назад

Pylons Colander Denial of Service vulnerability

EPSS

Процентиль: 32%

0.00127

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-835