CVE-2017-18361
NONE EPSS 75.3%
Published Feb 1, 20197y ago · Modified Jun 17, 20262w ago
Published Feb 1, 2019 7y ago
Last Modified Jun 17, 2026 2w ago
Description
In Pylons Colander through 1.6, the URL validator allows an attacker to potentially cause an infinite loop thereby causing a denial of service via an unclosed parenthesis.
Threat Intelligence
EPSS Exploit Probability
75.3% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-835
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| pylonsproject | colander | * | ≤1.6 |
References 2
- github.com https://github.com/Pylons/colander/issues/290
- github.com https://github.com/Pylons/colander/pull/323
Remediation
- github.com https://github.com/Pylons/colander/pull/323