Lucene search

China National Vulnerability DatabaseCNVD-2022-68283

HistoryOct 10, 2022 - 12:00 a.m.

NocoDB Resource Management Error Vulnerability

2022-10-1000:00:00

China National Vulnerability Database

www.cnvd.org.cn

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

JSON

NocoDB is an open source Airtable replacement. A resource management error vulnerability exists in versions of NocoDB prior to 0.92.0, which stems from allowing the insertion of large characters into the input field “New Project” in the creation field. ", an attacker could use this vulnerability to cause a denial of service (DoS) via a crafted HTTP request.

CPENameOperatorVersion
nocodb nocodblt0.92.0

CPE	Name	Operator	Version
	nocodb nocodb	lt	0.92.0

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

JSON

Related for CNVD-2022-68283