Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:50 a.m.5 views

CVE-2023-32699

MeterSphere is an open source continuous testing platform. Version 2.9.1 and prior are vulnerable to denial of service. ​The checkUserPassword method is used to check whether the password provided by the user matches the password saved in the database, and the CodingUtil.md5 method is used to...

6.5CVSS7AI score0.00587EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.5 views

MeterSphere 路径遍历漏洞

MeterSphere is MeterSphere open source one-stop open source continuous testing platform. A path traversal vulnerability exists in Metersphere version v2.10.0-lts-b4. An attacker exploiting this vulnerability could overwrite files that the Metersphere process is authorized to access...

9.8CVSS8.5AI score0.00537EPSS
Exploits1References2
Prion
Prion
added 2023/05/30 7:15 p.m.16 views

Design/Logic Flaw

MeterSphere is an open source continuous testing platform. Version 2.9.1 and prior are vulnerable to denial of service. ?The checkUserPassword method is used to check whether the password provided by the user matches the password saved in the database, and the CodingUtil.md5 method is used to...

4CVSS6.4AI score0.00587EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/30 6:59 p.m.7 views

CVE-2023-32699 MeterSphere denial of service vulnerability

MeterSphere is an open source continuous testing platform. Version 2.9.1 and prior are vulnerable to denial of service. ​The checkUserPassword method is used to check whether the password provided by the user matches the password saved in the database, and the CodingUtil.md5 method is used to...

6.5CVSS7AI score0.00587EPSS
Exploits1References2
CVE
CVE
added 2023/05/30 6:59 p.m.53 views

CVE-2023-32699

MeterSphere is affected by a denial-of-service vulnerability in versions up to 2.9.1. The issue arises when a user submits an excessively long password during login, triggering the MD5-based password hashing (CodingUtil.md5) to run for the long password and exhaust server CPU/memory, potentially ...

6.5CVSS6.4AI score0.00587EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/05/30 6:59 p.m.23 views

CVE-2023-32699 MeterSphere denial of service vulnerability

MeterSphere is an open source continuous testing platform. Version 2.9.1 and prior are vulnerable to denial of service. ​The checkUserPassword method is used to check whether the password provided by the user matches the password saved in the database, and the CodingUtil.md5 method is used to...

6.5CVSS6.5AI score0.00587EPSS
Exploits1References4
Rows per page
Query Builder