vulnerability

Alpine Linux: CVE-2018-1060: Improper Input Validation

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Jun 18, 2018

Added

Aug 24, 2018

Modified

Mar 25, 2026

Description

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

Solutions

alpine-linux-upgrade-python2alpine-linux-upgrade-python2-tkinteralpine-linux-upgrade-python3

References

CVE-2018-1060
https://attackerkb.com/topics/CVE-2018-1060
https://security.alpinelinux.org/vuln/CVE-2018-1060
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-11713
CWE-20
EUVD-EUVD-2018-11713

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report