CVE-2018-1060

Summary

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

Affected Software

VendorProductVersion RangeStatus
[UNKNOWN]pythonpython 2.7.15affected
[UNKNOWN]pythonpython 3.4.9affected
[UNKNOWN]pythonpython 3.5.6affected
[UNKNOWN]pythonpython 3.7.0affected

Weaknesses

  • CWE-20: CWE-20

ADP Enrichment

CVE Program Container

Additional References

References