CVE-2018-1061

Summary

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.

Affected Software

VendorProductVersion RangeStatus
[UNKNOWN]pythonpython 2.7.15affected
[UNKNOWN]pythonpython 3.4.9affected
[UNKNOWN]pythonpython 3.5.6affected
[UNKNOWN]pythonpython 3.7.0affected

Weaknesses

  • CWE-20: CWE-20

ADP Enrichment

CVE Program Container

Additional References

References