Lucene search
PRIOn knowledge basePRION:CVE-2022-39281HistoryOct 08, 2022 - 1:15 a.m.
Design/Logic Flaw
2022-10-0801:15:00
PRIOn knowledge base
www.prio-n.com
3
ruby on rails
remote denial of service
vulnerability patch
0.002 Low
EPSS
Percentile
53.4%
fat_free_crm is a an open source, Ruby on Rails customer relationship management platform (CRM). In versions prior to 0.20.1 an authenticated user can perform a remote Denial of Service attack against Fat Free CRM via bucket access. The vulnerability has been patched in commit c85a254 and will be available in release 0.20.1. Users are advised to upgrade or to manually apply patch c85a254. There are no known workarounds for this issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fatfreecrm | lt | 0.20.1 |
Related
github
github
Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint
2022-10-07 21:19:01
cvelist
cvelist
CVE-2022-39281 Remote Denial of Service via Tasks endpoint in fat_free_crm
2022-10-08 00:00:00
osv
osv
Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint
2022-10-07 21:19:01
CVE-2022-39281
2022-10-08 01:15:08
cve
cve
CVE-2022-39281
2022-10-08 01:15:08
nvd
nvd
CVE-2022-39281
2022-10-08 01:15:08
veracode
veracode
Denial Of Service (DoS)
2022-10-11 13:15:17
rubygems
rubygems
Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint
2022-10-06 21:00:00