5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.039 Low
EPSS
Percentile
91.9%
The parse function in Email::Address module before 1.905 for Perl uses an
inefficient regular expression, which allows remote attackers to cause a
denial of service (CPU consumption) via an empty quoted string in an RFC
2822 address.
Author | Note |
---|---|
mdeslaur | fixes in both 1.904 and 1.905 (and maybe before?) |