CVE-2017-17846

Опубликовано: 27 дек. 2017

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

An issue was discovered in Enigmail before 1.9.9. Regular expressions are exploitable for Denial of Service, because of attempts to match arbitrarily long strings, aka TBE-01-003.

Релиз	Статус	Примечание
artful	released	2:1.9.9-0ubuntu0.17.10.1
devel	not-affected	2:1.9.9-1
esm-apps/xenial	released	2:1.9.9-0ubuntu0.16.04.1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [2:1.9.9-0ubuntu0.14.04.1]]
precise/esm	DNE
trusty	released	2:1.9.9-0ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [2:1.9.9-0ubuntu0.14.04.1]
upstream	released	2:1.9.9-1
xenial	released	2:1.9.9-0ubuntu0.16.04.1
zesty	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 73%

0.00782

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2017-17846

CVSS3: 7.5

nvd

больше 7 лет назад

An issue was discovered in Enigmail before 1.9.9. Regular expressions are exploitable for Denial of Service, because of attempts to match arbitrarily long strings, aka TBE-01-003.

CVE-2017-17846

CVSS3: 7.5

debian

больше 7 лет назад

An issue was discovered in Enigmail before 1.9.9. Regular expressions ...

GHSA-xxw4-vmw8-xc6f

CVSS3: 7.5

github

около 3 лет назад

An issue was discovered in Enigmail before 1.9.9. Regular expressions are exploitable for Denial of Service, because of attempts to match arbitrarily long strings, aka TBE-01-003.

EPSS

Процентиль: 73%

0.00782

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2017-17846

Описание

Пакет enigmail

Ссылки на источники

Связанные уязвимости