GHSA-hggr-p7v6-73p5

Опубликовано: 28 дек. 2022

Источник: github

Github: Прошло ревью

CVSS3: 6.4

Описание

revel is vulnerable to resource exhaustion

Unsanitized input in the query parser in github.com/revel/revel before v1.0.0 allows remote attackers to cause resource exhaustion via memory allocation.

Ссылки

Пакеты

Наименование

github.com/revel/revel

Затронутые версииВерсия исправления

< 1.0.0

1.0.0

EPSS

Процентиль: 78%

0.01092

Низкий

6.4 Medium

CVSS3

CVE ID

CVE-2020-36568

Дефекты

CWE-400

CWE-770

Связанные уязвимости

CVE-2020-36568

CVSS3: 7.5

ubuntu

около 3 лет назад

Unsanitized input in the query parser in github.com/revel/revel before v1.0.0 allows remote attackers to cause resource exhaustion via memory allocation.

CVE-2020-36568

CVSS3: 7.5

nvd

около 3 лет назад

Unsanitized input in the query parser in github.com/revel/revel before v1.0.0 allows remote attackers to cause resource exhaustion via memory allocation.

CVE-2020-36568

CVSS3: 7.5

debian

около 3 лет назад

Unsanitized input in the query parser in github.com/revel/revel before ...

EPSS

Процентиль: 78%

0.01092

Низкий

6.4 Medium

CVSS3

CVE ID

CVE-2020-36568

Дефекты

CWE-400

CWE-770