Email::address Module Project : Security Vulnerabilities, CVEs,

CVE-2018-12558

The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f").
Max CVSS
7.5
EPSS Score
0.18%
Published
2018-06-20
Updated
2019-04-02

CVE-2014-4720

Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477.
Max CVSS
5.0
EPSS Score
0.20%
Published
2014-07-06
Updated
2014-07-07

CVE-2014-0477

The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address.
Max CVSS
5.0
EPSS Score
3.90%
Published
2014-07-03
Updated
2015-11-04
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close