2024-12-15 03:03:56 +00:00


{
"id": "CVE-2024-12579",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-13T05:15:07.473",
"lastModified": "2024-12-13T05:15:07.473",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create comments that can cause catastrophic backtracking and break pages."
},
{
"lang": "es",
"value": "El complemento Minify HTML para WordPress es vulnerable a la denegaci\u00f3n de servicio por expresi\u00f3n regular (ReDoS) en todas las versiones hasta la 2.1.10 incluida. Esto se debe al procesamiento de la entrada proporcionada por el usuario como una expresi\u00f3n regular. Esto hace posible que atacantes no autenticados creen comentarios que pueden causar retrocesos catastr\u00f3ficos y romper p\u00e1ginas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3203890/minify-html-markup",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/80334e81-c33d-464c-9409-f49c34681890?source=cve",
"source": "security@wordfence.com"
}
]
}