Auto-merge PR#8164

2025-08-04 08:44:25 +00:00 · 2022-11-25 07:55:14 -05:00 · 2022-11-25 07:55:14 -05:00 · 82ea207ce4
commit 82ea207ce4
parent 93897bd4eb 01799e6cfa
1 changed files with 8 additions and 8 deletions
--- a/2022/4xxx/CVE-2022-4111.json
+++ b/2022/4xxx/CVE-2022-4111.json
@ -36,7 +36,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "What happens if a bot net starts uploading 100MB files from 100 machines at the same time. This would mean that our network pipes are clogged handling 10GB of data while slowing down our real customers..... the answer the site will down and come not available"
+                "value": "Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker to upload profile pictures over 2MB."
            }
        ]
    },
@ -44,15 +44,15 @@
        "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
-            "availabilityImpact": "NONE",
+            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
-            "confidentialityImpact": "HIGH",
-            "integrityImpact": "HIGH",
-            "privilegesRequired": "NONE",
-            "scope": "CHANGED",
+            "confidentialityImpact": "NONE",
+            "integrityImpact": "NONE",
+            "privilegesRequired": "LOW",
+            "scope": "UNCHANGED",
            "userInteraction": "NONE",
-            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
+            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
        }
    },
@ -86,4 +86,4 @@
        "advisory": "5596d072-66d2-4361-8cac-101c9c781c3d",
        "discovery": "EXTERNAL"
    }
-}
+}