CVE-2023-47120
Discourse DoS through Onebox favicon URL
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Discourse is an open source platform for community discussion. In versions 3.1.0 through 3.1.2 of the `stable` branch and versions 3.1.0,beta6 through 3.2.0.beta2 of the `beta` and `tests-passed` branches, Redis memory can be depleted by crafting a site with an abnormally long favicon URL and drafting multiple posts which Onebox it. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.
Discourse es una plataforma de código abierto para el debate comunitario. En las versiones 3.1.0 a 3.1.2 de la rama "stable" y en las versiones 3.1.0, beta6 a 3.2.0.beta2 de las ramas "beta" y "tests-passed", la memoria de Redis se puede agotar al crear un sitio con una URL de favicon anormalmente larga y redactando múltiples publicaciones en Onebox. El problema se solucionó en la versión 3.1.3 de la rama "stable" y en la versión 3.2.0.beta3 de las ramas "beta" y "tests-passed". No se conocen workarounds.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2023-10-30 CVE Reserved
- 2023-11-10 CVE Published
- 2024-09-03 CVE Updated
- 2024-11-16 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (3)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://github.com/discourse/discourse/security/advisories/GHSA-77cw-xhj8-hfp3 | 2023-11-17 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Discourse Search vendor "Discourse" | Discourse Search vendor "Discourse" for product "Discourse" | >= 3.1.0 < 3.1.3 Search vendor "Discourse" for product "Discourse" and version " >= 3.1.0 < 3.1.3" | stable |
Affected
| ||||||
Discourse Search vendor "Discourse" | Discourse Search vendor "Discourse" for product "Discourse" | 3.1.0 Search vendor "Discourse" for product "Discourse" and version "3.1.0" | beta6, beta |
Affected
| ||||||
Discourse Search vendor "Discourse" | Discourse Search vendor "Discourse" for product "Discourse" | 3.1.0 Search vendor "Discourse" for product "Discourse" and version "3.1.0" | beta7, beta |
Affected
| ||||||
Discourse Search vendor "Discourse" | Discourse Search vendor "Discourse" for product "Discourse" | 3.1.0 Search vendor "Discourse" for product "Discourse" and version "3.1.0" | beta8, beta |
Affected
| ||||||
Discourse Search vendor "Discourse" | Discourse Search vendor "Discourse" for product "Discourse" | 3.2.0 Search vendor "Discourse" for product "Discourse" and version "3.2.0" | beta1, beta |
Affected
| ||||||
Discourse Search vendor "Discourse" | Discourse Search vendor "Discourse" for product "Discourse" | 3.2.0 Search vendor "Discourse" for product "Discourse" and version "3.2.0" | beta2, beta |
Affected
|