Lucene search

CVE-2023-22739

🗓️ 26 Jan 2023 21:13:18Reported by GitHub_MType

Discourse 3.0.1 and 3.1.0.beta2 are vulnerable to resource allocation without limit

Reporter	Title	Published	Views	Family All 8
Prion	Command injection	26 Jan 202321:18	–	prion
Cvelist	CVE-2023-22739 Discourse subject to Allocation of Resources Without Limits or Throttling	26 Jan 202308:45	–	cvelist
OSV	CVE-2023-22739	26 Jan 202321:18	–	osv
OSV	BIT-discourse-2023-22739	6 Mar 202411:01	–	osv
Vulnrichment	CVE-2023-22739 Discourse subject to Allocation of Resources Without Limits or Throttling	26 Jan 202308:45	–	vulnrichment
NVD	CVE-2023-22739	26 Jan 202321:18	–	nvd
OpenVAS	Discourse 3.1.x < 3.1.0.beta2 Multiple Vulnerabilities	27 Jan 202300:00	–	openvas
OpenVAS	Discourse < 3.0.1 Multiple Vulnerabilities	27 Jan 202300:00	–	openvas

Nvd

Vulners

Node

discourse discourseRange<3.0.1

discourse discourseMatch3.1.0beta1beta

[
  {
    "vendor": "discourse",
    "product": "discourse",
    "versions": [
      {
        "version": "stable < 3.0.1",
        "status": "affected"
      },
      {
        "version": "beta < 3.1.0.beta2",
        "status": "affected"
      },
      {
        "version": "tests-passed <3.1.0.beta2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/discourse/discourse/security/advisories/GHSA-rqgr-g6v7-jcfc

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jan 2023 21:18Current

6.3Medium risk

Vulners AI Score6.3

CVSS36.5

EPSS0.00076

SSVC

CWE-770