CVE-2024-3772

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-3772
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-3772.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-3772
Aliases
Downstream
Related
Published
2024-04-15T03:16:07.987Z
Modified
2026-01-09T19:14:11.633074Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.

References

Affected packages

Git / github.com/pydantic/pydantic

Affected ranges

Type
GIT
Repo
https://github.com/pydantic/pydantic
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
8822578619bf8d0bb754b1cf7a2a905b50240d01

Affected versions

V0.*

V0.17

v0.*

v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.0.6
v0.0.7
v0.0.8
v0.1
v0.10
v0.11
v0.11.1
v0.11.2
v0.12
v0.12.1
v0.13
v0.13.1
v0.14
v0.15
v0.16
v0.16.1
v0.18
v0.18.1
v0.18.2
v0.19
v0.2
v0.2.1
v0.20
v0.20.1
v0.20a1
v0.21
v0.22
v0.23
v0.24
v0.25
v0.26
v0.27
v0.28
v0.29
v0.3
v0.30
v0.30.1
v0.31
v0.31.1
v0.32
v0.4
v0.5
v0.6
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.7
v0.7.1
v0.8
v0.9
v0.9.1

v1.*

v1.0
v1.0b1
v1.0b2
v1.1
v1.10.0
v1.10.0a1
v1.10.0a2
v1.10.0b1
v1.10.1
v1.10.10
v1.10.11
v1.10.12
v1.10.2
v1.10.3
v1.10.4
v1.10.5
v1.10.6
v1.10.7
v1.10.8
v1.10.9
v1.10a1
v1.2
v1.3
v1.4
v1.5
v1.5.1
v1.6
v1.6.1
v1.7
v1.7.1
v1.7.2
v1.8
v1.8.1
v1.9.0
v1.9.0a1
v1.9.0a2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-3772.json"