Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.

Threat-Mapped Scoring

Score: 1.5

Priority: P4 - Informational (Low)

• S10 – Denial of Service

EPSS

Score: 0.00535
Percentile: 0.66425

CVSS Scoring

Affected Products

• cpe:2.3:a:bestpractical:rt:4.2.0:*:*:*:*:*:*:*
• cpe:2.3:a:bestpractical:rt:4.2.1:*:*:*:*:*:*:*
• cpe:2.3:a:bestpractical:rt:4.2.2:*:*:*:*:*:*:*
• cpe:2.3:a:email\:\:address\:\:list_project:email\:\:address\:\:list:*:*:*:*:*:*:*:*

← Back to Home