Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-30591
HistorySep 29, 2023 - 6:15 a.m.

Design/Logic Flaw

2023-09-2906:15:00
PRIOn knowledge base
www.prio-n.com
6
design flaw
logic flaw
denial-of-service
nodebb
socket.io messages
unauthenticated attackers
crafted messages

0.001 Low

EPSS

Percentile

24.2%

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking eventName.startsWith() or eventName.toString(), while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively.

CPENameOperatorVersion
nodebble2.8.10

0.001 Low

EPSS

Percentile

24.2%

Related for PRION:CVE-2023-30591