1033 matches found
Medium: python27
Issue Overview: A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service.CVE-2018-1060 A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Python vulnerabilities (USN-3817-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3817-1 advisory. It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python t...
python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib
A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service...
python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib
A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...
django: Catastrophic backtracking in regular expressions via 'truncatechars_html' and 'truncatewords_html'
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...
django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc'
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...
Debian DLA-1520-1 : python3.4 security update
Multiple vulnerabilities were found in the CPython interpreter which can cause denial of service, information gain, and arbitrary code execution. CVE-2017-1000158 CPython aka Python is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-base...
[SECURITY] [DLA 1520-1] python3.4 security update
Package : python3.4 Version : 3.4.2-1+deb8u1 CVE ID : CVE-2017-1000158 CVE-2018-1060 CVE-2018-1061 CVE-2018-1000802 Multiple vulnerabilities were found in the CPython interpreter which can cause denial of service, information gain, and arbitrary code execution. CVE-2017-1000158 CPython aka Python...
Fedora 27 : python34 (2018-875afebb87)
Security update to 3.4.9 with fix for CVE-2018-1060: difflib and poplib catastrophic backtracking. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Fedora 27 : python35 (2018-04d49a1804)
Security update to 3.5.6 with fix for CVE-2018-1060: difflib and poplib catastrophic backtracking. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
SUSE-SU-2018:1830-1 Security update for python-Django
This update for python-Django fixes the following security issues: - CVE-2016-2512: The utils.http.issafeurl function allowed remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting XSS attacks via a URL containing basic...
SUSE-SU-2018:1828-1 Security update for python-Django
This update for python-Django fixes the following security issues: - CVE-2016-2512: The utils.http.issafeurl function allowed remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting XSS attacks via a URL containing basic...
DEBIAN-CVE-2018-1061
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...
Denial of service
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...
CVE-2018-1061
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...
ALPINE-CVE-2018-1061
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...
CVE-2018-1061
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...
CVE-2018-1061
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...
PSF-2018-4 difflib and poplib catastrophic backtracking
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...
CVE-2018-1061
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...