sunnavy

2 exploits Active since Jul 2014

CVE-2014-4720 WRITEUP WRITEUP

Email::Address < 1.904 - Denial of Service via Inefficient Regular Expression

Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477.

View Code

CVE-2021-38562 WRITEUP HIGH WRITEUP

Best Practical Request Tracker 4.2.0-4.2.16, 4.4.0-4.4.4, 5.0.0-5.0.1 - Information Disclosure via Timing Attack

Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm.

CVSS 7.5

View Code