CVE-2018-12558

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-12558
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12558.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-12558
Downstream
Related
Published
2018-06-20T14:29:00.273Z
Modified
2026-02-04T20:39:02.384569Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f").

References

Affected packages

Git / github.com/rjbs/email-address

Affected ranges

Type
GIT
Repo
https://github.com/rjbs/email-address
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3607a2d3de244ac087593e077ab2faf7a1a1ff24

Affected versions

1.*
1.889
1.890
1.891
1.892
1.893
1.894
1.895
1.896
1.897
1.898
1.899
1.900
1.901
1.902
1.903
1.904
1.905
1.906
1.907
1.908
1.909

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12558.json"