Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-7686

Опубликовано: 27 сент. 2015
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associated with nested comments. NOTE: the default configuration in 1.908 mitigates this vulnerability but misparses certain realistic comments.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7perl-Email-AddressWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-407
https://bugzilla.redhat.com/show_bug.cgi?id=1268777perl-Email-Address: denial of service when parsing crafted email address list

EPSS

Процентиль: 77%
0.01026
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-7686

ubuntu
около 10 лет назад

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associated with nested comments. NOTE: the default configuration in 1.908 mitigates this vulnerability but misparses certain realistic comments.

nvd логотип

CVE-2015-7686

nvd
около 10 лет назад

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associated with nested comments. NOTE: the default configuration in 1.908 mitigates this vulnerability but misparses certain realistic comments.

debian логотип

CVE-2015-7686

debian
около 10 лет назад

Algorithmic complexity vulnerability in Address.pm in the Email-Addres ...

github логотип

GHSA-24jp-cwv2-qjwh

github
больше 3 лет назад

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associated with nested comments. NOTE: the default configuration in 1.908 mitigates this vulnerability but misparses certain realistic comments.

EPSS

Процентиль: 77%
0.01026
Низкий

4.3 Medium

CVSS2