Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-33582 | 3 Cyrus, Debian, Fedoraproject | 3 Imap, Debian Linux, Fedora | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. This is fixed in 3.4.2, 3.2.8, and 3.0.16. | |||||
CVE-2018-12558 | 1 Email\ | 1 \ | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f"). | |||||
CVE-2016-10396 | 1 Ipsec-tools | 1 Ipsec-tools | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place. | |||||
CVE-2017-11343 | 1 Call-cc | 1 Chicken | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time. |