Lucene search
+L

5 matches found

NVD
NVD
added 2023/12/09 12:15 a.m.27 views

CVE-2023-49800

nuxt-api-party is an open source module to proxy API requests. The library allows the user to send many options directly to ofetch. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directl...

7.5CVSS0.00804EPSS
Exploits1References1
CVE
CVE
added 2023/12/08 11:41 p.m.54 views

CVE-2023-49800

CVE-2023-49800 affects the nuxt-api-party module. The issue arises from passing unfiltered fetchOptions from the request body into ofetch, allowing an attacker to craft a URL and set excessively high retry values, triggering recursive error handling that leads to a stack overflow and DoS. A fix i...

7.5CVSS7.5AI score0.00804EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/12/08 11:41 p.m.35 views

CVE-2023-49800 Denial of service by abusing `fetchOptions.retry` in nuxt-api-party

nuxt-api-party is an open source module to proxy API requests. The library allows the user to send many options directly to ofetch. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directl...

7.5CVSS7.7AI score0.00804EPSS
Exploits1References1
OSV
OSV
added 2023/12/08 11:41 p.m.5 views

CVE-2023-49800 Denial of service by abusing `fetchOptions.retry` in nuxt-api-party

nuxt-api-party is an open source module to proxy API requests. The library allows the user to send many options directly to ofetch. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directl...

7.5CVSS7.4AI score0.00804EPSS
Exploits1References3
Circl
Circl
added 2023/12/08 11:22 p.m.6 views

CVE-2023-49800

creationtimestamp| type| source ---|---|--- 2023-12-08 23:22:29+00:00| published-proof-of-concept| https://github.com/johannschopplich/nuxt-api-party/security/advisories/GHSA-q6hx-3m4p-749h...

7.5CVSS7.1AI score0.00804EPSS
Exploits1References1
Rows per page
Query Builder