Vulnerabilities (CVE)

Filtered by CWE-407
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-33582 3 Cyrus, Debian, Fedoraproject 3 Imap, Debian Linux, Fedora 2024-02-28 5.0 MEDIUM 7.5 HIGH
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. This is fixed in 3.4.2, 3.2.8, and 3.0.16.
CVE-2018-12558 1 Email\ 1 \ 2024-02-28 5.0 MEDIUM 7.5 HIGH
The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f").
CVE-2016-10396 1 Ipsec-tools 1 Ipsec-tools 2024-02-28 7.8 HIGH 7.5 HIGH
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place.
CVE-2017-11343 1 Call-cc 1 Chicken 2024-02-28 5.0 MEDIUM 7.5 HIGH
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time.