Описание
Improper Resource Shutdown or Release in TYPO3 extension
Wrong usage of the TYPO3 FAL API results in copies of processed files being saved to the /var/transient/ folder of a TYPO3 website on every frontend request. This can result in Denial of Service, since the webspace may be filled up with image files simply by crafting a large amount of requests to the website.
Пакеты
Наименование
webcoast/deferred-image-processing
composer
Затронутые версииВерсия исправления
< 1.0.2
1.0.2
Связанные уязвимости
CVSS3: 7.5
nvd
больше 4 лет назад
The deferred_image_processing (aka Deferred image processing) extension before 1.0.2 for TYPO3 allows Denial of Service via the FAL API because of /var/transient disk consumption.