CVE-2024-3772
Publication date 15 April 2024
Last updated 24 July 2024
Ubuntu priority
Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| pydantic | 24.10 oracular |
Not affected
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Vulnerable
|
|
| 20.04 LTS focal |
Vulnerable
|
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2024-3772
- https://github.com/pydantic/pydantic/pull/7360
- https://github.com/pydantic/pydantic/commit/e4393ae6145c4dadff739990bb0116c6dec3441b (v2.4.0)
- https://github.com/pydantic/pydantic/pull/7673
- https://github.com/pydantic/pydantic/commit/59d8f38fd6220e3917c53785dbc70317d6f8e631 (v1.0.13)