CVE-2024-3772

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-3772
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-3772.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-3772
Aliases
Downstream
Related
Published
2024-04-15T01:42:07.888Z
Modified
2026-05-14T03:26:59.431500960Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Regular expression denial of service in Pydantic < 2.4.0
Details

Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.

Database specific 
{
    "cwe_ids": [
        "CWE-1333"
    ],
    "cna_assigner": "directcyber",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/3xxx/CVE-2024-3772.json"
}
References

Affected packages

Git / github.com/pydantic/pydantic

Affected ranges

Type
GIT
Repo
https://github.com/pydantic/pydantic
Events
Introduced
b8bbfec670019e96530680a4b79551afc6e122ec
Fixed
8822578619bf8d0bb754b1cf7a2a905b50240d01

Affected versions

v1.*
v1.0
v1.1
v1.10.0
v1.10.0a1
v1.10.0a2
v1.10.0b1
v1.10.1
v1.10.10
v1.10.11
v1.10.12
v1.10.2
v1.10.3
v1.10.4
v1.10.5
v1.10.6
v1.10.7
v1.10.8
v1.10.9
v1.10a1
v1.2
v1.3
v1.4
v1.5
v1.5.1
v1.6
v1.6.1
v1.7
v1.7.1
v1.7.2
v1.8
v1.8.1
v1.9.0
v1.9.0a1
v1.9.0a2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-3772.json"