PT-2019-15877 · Validator · Validator

Published

2019-12-05

Updated

2024-06-15

CVE-2019-19588

CVSS v4.0

8.7

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions validators package versions 0.12.2 through 0.12.5

Description The issue arises when the validators.domain function is called with a specifically crafted domain string, causing the program to enter an infinite loop.

Recommendations For versions 0.12.2 through 0.12.5, update to version 0.12.6 to resolve the issue.

Exploit

Fix

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

CVE-2019-19588

GHSA-5QCG-W2CC-XFFW

OPENSUSE-SU-2024:11278-1

OPENSUSE-SU-2024:13811-1

PYSEC-2019-134

Affected Products

Validator

PT-2019-15877 · Validator · Validator

CVE-2019-19588

Weakness Enumeration

Related Identifiers

Affected Products

References · 11