CVE-2023-41042 – Discourse DoS via remote theme assets
https://notcve.org/view.php?id=CVE-2023-41042
Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, importing a remote theme loads their assets into memory without enforcing limits for file size or number of files. The issue is patched in version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches. There are no known workarounds. Discourse es una plataforma de debate de código abierto. • https://github.com/discourse/discourse/security/advisories/GHSA-2fq5-x3mm-v254 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2023-40588 – Discourse DoS via 2FA and Security Key Names
https://notcve.org/view.php?id=CVE-2023-40588
Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious user could add a 2FA or security key with a carefully crafted name to their account and cause a denial of service for other users. The issue is patched in version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches. There are no known workarounds. Discourse es una plataforma de debate de código abierto. • https://github.com/discourse/discourse/security/advisories/GHSA-2hg5-3xm3-9vvx • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2023-38706 – Discourse vulnerable to DoS via drafts
https://notcve.org/view.php?id=CVE-2023-38706
Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious user can create an unlimited number of drafts with very long draft keys which may end up exhausting the resources on the server. The issue is patched in version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches. There are no known workarounds. Discourse es una plataforma de debate de código abierto. • https://github.com/discourse/discourse/security/advisories/GHSA-7wpp-4pqg-gvp8 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2023-38685 – Discourse's restricted tag information visible to unauthenticated users
https://notcve.org/view.php?id=CVE-2023-38685
Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. • https://github.com/discourse/discourse/commit/073661142369a0a66c25775cc3870582a679ef8b https://github.com/discourse/discourse/security/advisories/GHSA-wx6x-q4gp-mgv5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-38684 – Discourse vulnerable to ossible DDoS due to unbounded limits in various controller actions
https://notcve.org/view.php?id=CVE-2023-38684
Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, in multiple controller actions, Discourse accepts limit params but does not impose any upper bound on the values being accepted. Without an upper bound, the software may allow arbitrary users to generate DB queries which may end up exhausting the resources on the server. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability. • https://github.com/discourse/discourse/commit/bfc3132bb22bd5b7e86f428746b89c4d3d7f5a70 https://github.com/discourse/discourse/security/advisories/GHSA-ff7g-xv79-hgmf • CWE-770: Allocation of Resources Without Limits or Throttling •