CVE-2023-3163

Опубликовано: 08 июн. 2023

Источник: nvd

CVSS3: 3.5

CVSS3: 7.5

CVSS2: 2.7

EPSS Низкий

Описание

A vulnerability was found in y_project RuoYi up to 4.7.7. It has been classified as problematic. Affected is the function filterKeyword. The manipulation of the argument value leads to resource consumption. VDB-231090 is the identifier assigned to this vulnerability.

Ссылки

https://gitee.com/y_project/RuoYi/issues/I78DOR
Exploit
https://vuldb.com/?ctiid.231090
Permissions Required
https://vuldb.com/?id.231090
Permissions Required
https://gitee.com/y_project/RuoYi/issues/I78DOR
Exploit
https://vuldb.com/?ctiid.231090
Permissions Required
https://vuldb.com/?id.231090
Permissions Required

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ruoyi:ruoyi:*:*:*:*:*:*:*:*

Версия до 4.7.7 (включая)

EPSS

Процентиль: 61%

0.00412

Низкий

3.5 Low

CVSS3

7.5 High

CVSS3

2.7 Low

CVSS2

Дефекты

CWE-400

CWE-89

Связанные уязвимости

GHSA-g3hh-q55f-9g3w

CVSS3: 3.5

github

больше 2 лет назад

RuoYi Uncontrolled Resource Consumption vulnerability

EPSS

Процентиль: 61%

0.00412

Низкий

3.5 Low

CVSS3

7.5 High

CVSS3

2.7 Low

CVSS2

Дефекты

CWE-400

CWE-89