PT-2014-2323 · Plone · Kupu+1

Richard Mitchell

Publicado

2014-09-30

Atualizado

2022-05-17

CVE-2012-5496

CVSS v4.0

8.7

Alta

Vetor

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Kupu in Plone versions prior to 4.0

Description The issue allows remote attackers to cause a denial of service, specifically a ZServer thread lock, by using a crafted URL.

Recommendations For versions prior to 4.0, update to version 4.0 or later to resolve the issue.

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2012-5496

GHSA-GX6W-HCW3-5R37

PYSEC-2014-38

Kupu

Plone