GoogleOSV:GO-2023-2017Denial of service vulnerability in github.com/weaviate/weaviate
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.2%
A type conversion issue in Weaviate may allow a remote attack that would cause a denial of service.
References
github.com/weaviate/weaviate/commit/2a7b208d9aca07e28969e3be82689c184ccf9118
github.com/weaviate/weaviate/issues/3258
github.com/weaviate/weaviate/pull/3431
github.com/weaviate/weaviate/releases/tag/v1.18.6
github.com/weaviate/weaviate/releases/tag/v1.19.13
github.com/weaviate/weaviate/releases/tag/v1.20.6
github.com/weaviate/weaviate/security/advisories/GHSA-8697-479h-5mfp
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.2%