Description

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

Remediation

References

CVE-2018-1060

Related Vulnerabilities

phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5917)

Oracle Database Server CVE-2018-2939 Vulnerability (CVE-2018-2939)

WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-4893)

WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.1)

WordPress Plugin LiveChat-WP live chat Cross-Site Scripting (3.7.3)

Severity

High

Classification

CVE-2018-1060 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities