CVE-2017-18361

NONE EPSS 75.3%
Published Feb 1, 20197y ago · Modified Jun 17, 20262w ago
Find Similar
Published Feb 1, 2019 7y ago
Last Modified Jun 17, 2026 2w ago

Description

In Pylons Colander through 1.6, the URL validator allows an attacker to potentially cause an infinite loop thereby causing a denial of service via an unclosed parenthesis.

Threat Intelligence

EPSS Exploit Probability
75.3% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-835

Affected Products 1

VendorProductVersionRange
pylonsprojectcolander* ≤1.6

References 2

  • github.com https://github.com/Pylons/colander/issues/290
    ExploitIssue TrackingThird Party Advisory
  • github.com https://github.com/Pylons/colander/pull/323
    PatchThird Party Advisory

Remediation

  • github.com https://github.com/Pylons/colander/pull/323
    PatchThird Party Advisory