Описание
A flaw was found in Forgejo. A remote attacker could exploit this vulnerability in the attachment component by uploading a multi-gigabyte file attachment, such as to an issue or a release. This could lead to a Denial of Service (DoS), making the service unavailable to legitimate users.
Отчет
This MODERATE vulnerability in Forgejo allows authenticated users to cause denial of service by uploading excessively large file attachments. Exploitation requires low privileges (valid account) and is network-accessible. Impact is high availability loss due to resource exhaustion. Affects Forgejo through version 13.0.3.
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
In Forgejo through 13.0.3, the attachment component allows a denial of service by uploading a multi-gigabyte file attachment (e.g., to be associated with an issue or a release).
In Forgejo through 13.0.3, the attachment component allows a denial of ...
In Forgejo through 13.0.3, the attachment component allows a denial of service by uploading a multi-gigabyte file attachment (e.g., to be associated with an issue or a release).
6.5 Medium
CVSS3