Lucene search
China National Vulnerability DatabaseCNVD-2021-103650HistoryOct 24, 2021 - 12:00 a.m.
CamaleonCMS Denial of Service Vulnerability
2021-10-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
camaleoncms
denial of service
vulnerability
version 2.0.1-2.6.0
media upload
.svg file
rubyonrails-based
EPSS
0.001
Percentile
32.8%
CamaleonCMS is a RubyonRails-based advanced dynamic content management system (CMS) from the Camaleon CMS team.A denial-of-service vulnerability exists in Camaleon CMS versions 2.0.1 through 2.6.0, which stems from a vulnerability to uncaught exceptions in Camaleon CMS. An attacker with low privilege access could exploit the vulnerability to permanently crash the application’s media upload functionality when uploading a carefully crafted .svg file.
Related
osv
osv
CVE-2021-25971
2021-10-20 12:15:07
Camaleon CMS vulnerable to Uncaught Exception
2022-05-24 19:18:05
veracode
veracode
Improper Error Handling
2021-10-21 06:02:16
rubygems
rubygems
Camaleon CMS vulnerable to Uncaught Exception
2022-05-23 21:00:00
prion
prion
Design/Logic Flaw
2021-10-20 12:15:00
cve
cve
CVE-2021-25971
2021-10-20 12:15:07
github
github
Camaleon CMS vulnerable to Uncaught Exception
2022-05-24 19:18:05
nvd
nvd
CVE-2021-25971
2021-10-20 12:15:07
cvelist
cvelist