Launchpad CVE tracker

CVE 2018-1060

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugs.python.or...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://docs.python.or...
CONFIRM: https://docs.python.or...
MLIST: [debian-lts-announce] ...
MLIST: [debian-lts-announce] ...
DEBIAN: DSA-4306
DEBIAN: DSA-4307
REDHAT: RHSA-2018:3041
REDHAT: RHSA-2018:3505
UBUNTU: USN-3817-1
SECTRACK: 1042001
UBUNTU: USN-3817-2
FEDORA: FEDORA-2019-51f1e08207
FEDORA: FEDORA-2019-6e1938a3c5
FEDORA: FEDORA-2019-cf725dd20b
REDHAT: RHBA-2019:0327
REDHAT: RHSA-2019:1260
CONFIRM: https://support.hpe.co...
REDHAT: RHSA-2019:3725
MISC: https://www.oracle.com...
SUSE: openSUSE-SU-2020:0086

Launchpad.net

CVE 2018-1060

Related bugs

References