CVE-2018-1060
HIGH7.5EPSS 1.0%Published: 6/18/2018Modified: 11/19/2025
Also known as:ALPINE-CVE-2018-1060DEBIAN-CVE-2018-1060
Description
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
Affected packages (3)
- Alpine/python2from 0, < 2.7.15-r0
- Alpine/python3from 0, < 3.5.6-r0
- Debian/python2.7from 0, < 2.7.14-7
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |