Описание
The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the "delay misery" configuration is set to a high value, allows remote attackers to cause a denial of service (process consumption) via multiple requests.
Ссылки
- Patch
- Patch
- Vendor Advisory
- Patch
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:misery_project:misery:6.x-2.0:-:-:*:-:drupal:*:*
cpe:2.3:a:misery_project:misery:6.x-2.1:-:-:*:-:drupal:*:*
cpe:2.3:a:misery_project:misery:6.x-2.2:-:-:*:-:drupal:*:*
cpe:2.3:a:misery_project:misery:6.x-2.3:-:-:*:-:drupal:*:*
cpe:2.3:a:misery_project:misery:6.x-2.4:-:-:*:-:drupal:*:*
cpe:2.3:a:misery_project:misery:7.x-2.0:-:-:*:-:drupal:*:*
cpe:2.3:a:misery_project:misery:7.x-2.1:-:-:*:-:drupal:*:*
EPSS
Процентиль: 71%
0.00683
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
больше 3 лет назад
The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the "delay misery" configuration is set to a high value, allows remote attackers to cause a denial of service (process consumption) via multiple requests.
EPSS
Процентиль: 71%
0.00683
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-399