mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
Dedupe CVE-2022-35958 for GHSA-q2rg-m477-8wg7
This commit is contained in:
callmemari
parent
04c815926b
commit
9f3b25a6be
@ -2,8 +2,7 @@
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security-advisories@github.com",
|
||||
"ID": "CVE-2022-35958",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Discourse email invitations are not rate limited"
|
||||
"STATE": "REJECT"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -12,18 +11,14 @@
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "discourse",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "stable <= 2.8.7; beta <= 2.9.0.beta8; tests-passed <= 2.9.0.beta8"
|
||||
}
|
||||
{}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "discourse"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -35,41 +30,16 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Discourse is a 100% open source discussion platform. A malicious user can use the invitation system to spam arbitrary email addresses by sending them invitation emails in some cases. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are currently no known workarounds."
|
||||
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-37458. Reason: This candidate is a reservation duplicate of CVE-2022-37458. Notes: All CVE users should reference CVE-2022-37458 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 3.5,
|
||||
"baseSeverity": "LOW",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-400: Uncontrolled Resource Consumption"
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -78,24 +48,8 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"name": "https://github.com/discourse/discourse/security/advisories/GHSA-q2rg-m477-8wg7",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-q2rg-m477-8wg7"
|
||||
},
|
||||
{
|
||||
"name": "https://github.com/discourse/discourse/pull/17856",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/discourse/discourse/pull/17856"
|
||||
},
|
||||
{
|
||||
"name": "https://github.com/discourse/discourse/commit/cc84ea2444136df443aac33651d596cc8dd0b3e1",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/discourse/discourse/commit/cc84ea2444136df443aac33651d596cc8dd0b3e1"
|
||||
"refsource": "CONFIRM"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "GHSA-q2rg-m477-8wg7",
|
||||
"discovery": "UNKNOWN"
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user