Description

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

Remediation

References

CVE-2018-1060

Related Vulnerabilities

Moodle Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-1754)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4975)

Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-19138)

WordPress Plugin WordPress Backup to Ziddu Cross-Site Scripting (1)

WordPress Plugin WishList Member X Remote Code Execution (3.25.1)

Severity

High

Classification

CVE-2018-1060 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities