GHSA-g3vq-f35v-vhgm

Опубликовано: 13 мая 2022

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

Apache OpenMeetings vulnerable to Uncontrolled Resource Consumption

Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. An attacker can cause a denial of service by uploading multiple large files to the server.

Ссылки

Пакеты

Наименование

org.apache.openmeetings:openmeetings-parent

maven

Затронутые версииВерсия исправления

>= 1.0.0, < 3.3.0

3.3.0

EPSS

Процентиль: 81%

0.01505

Низкий

7.5 High

CVSS3

CVE ID

CVE-2017-7684

Дефекты

CWE-400

Связанные уязвимости

CVE-2017-7684

CVSS3: 7.5

nvd

больше 8 лет назад

Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. An attacker can cause a denial of service by uploading multiple large files to the server.

EPSS

Процентиль: 81%

0.01505

Низкий

7.5 High

CVSS3

CVE ID

CVE-2017-7684

Дефекты

CWE-400