3 matches found
GHSA-3RW2-WFC8-WMJ5 Fides Webserver Vulnerable to SVG Bomb File Uploads
Impact The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit this vulnerability to upload zip files containing malicious SVG bombs similar to a billion laughs attack, causing resource exhaustion in Admin UI browser tabs and creating a persistent denial...
CVE-2023-37480 Fides Webserver Vulnerable to Zip Bomb File Uploads
Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb...
CVE-2023-37480 Fides Webserver Vulnerable to Zip Bomb File Uploads
Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb...