admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-471xx/CVE-2023-47120.json
cad-safe-bot 5eb8eb13da Auto-Update: 2023-11-13T05:00:20.276988+00:00
2023-11-13 05:00:24 +00:00

63 lines
2.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-47120",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-10T16:15:33.473",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Discourse is an open source platform for community discussion. In versions 3.1.0 through 3.1.2 of the `stable` branch and versions 3.1.0,beta6 through 3.2.0.beta2 of the `beta` and `tests-passed` branches, Redis memory can be depleted by crafting a site with an abnormally long favicon URL and drafting multiple posts which Onebox it. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/commit/95a82d608d6377faf68a0e2c5d9640b043557852",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/discourse/discourse/commit/e910dd09140cb4abc3a563b95af4a137ca7fa0ce",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-77cw-xhj8-hfp3",
"source": "security-advisories@github.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink