5 matches found
FreeBSD : py-wagtail -- DoS vulnerability (2def7c4b-736f-4754-9f03-236fcb586d91)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2def7c4b-736f-4754-9f03-236fcb586d91 advisory. - Wagtail is an open source content management system built on Django. Prior to versions 4.1.4 and 4.2....
CVE-2023-28837
creationtimestamp| type| source ---|---|--- 2023-04-03 20:30:17+00:00| seen| https://t.me/cibsecurity/61341 2023-04-03 22:18:40+00:00| seen| Telegram/OB45uV-dPChJeZygU8z4WACld88FS-JfeS3TjfOCLvJQ...
aimmo (>=0.57.1 <=1.3.1b671), cfl-common (>=4.3.0 <=5.26.7) +116 more potentially affected by CVE-2023-28837 via wagtail (>=1.0.0 <=4.0.4)
wagtail PYPI version =1.0.0, =0.57.1, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =0.1.29, =0.2.0, =2.0.3, =0.1.1, =0.2.4, =5.22.3, =10.2.9 and more Source cves: CVE-2023-28837 Source advisory: OSV:GHSA-33PV-VCGH-JFG9...
aimmo (>=0.57.1 <=1.3.1b671), cfl-common (>=4.3.0 <=5.26.7) +116 more potentially affected by CVE-2023-28837 via wagtail (>=1.0.0 <=4.0.4)
wagtail PYPI version =1.0.0, =0.57.1, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =0.1.29, =0.2.0, =2.0.3, =0.1.1, =0.2.4, =5.22.3, =10.2.9 and more Source cves: CVE-2023-28837 Source advisory: OSV:PYSEC-2023-56...
CVE-2023-28837
Wagtail before versions 4.1.4 and 4.2.2 contains a memory exhaustion DoS when uploading large image/document files. During upload, files are loaded into memory for further processing, and an admin user with upload permissions could crash the system by sending a large file. The entry notes that or...