Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2023/07/18 7:23 p.m.21 views

Fides Webserver Vulnerable to SVG Bomb File Uploads

Impact The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit this vulnerability to upload zip files containing malicious SVG bombs similar to a billion laughs attack, causing resource exhaustion in Admin UI browser tabs and creating a persistent denial...

4.9CVSS6.8AI score0.00579EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/07/18 7:23 p.m.13 views

GHSA-3RW2-WFC8-WMJ5 Fides Webserver Vulnerable to SVG Bomb File Uploads

Impact The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit this vulnerability to upload zip files containing malicious SVG bombs similar to a billion laughs attack, causing resource exhaustion in Admin UI browser tabs and creating a persistent denial...

2.7CVSS4.4AI score0.00579EPSS
Exploits0References5
Prion
Prion
added 2023/07/18 7:15 p.m.18 views

Design/Logic Flaw

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit this vulnerability to upload zip files containing malicious SVG bombs similar to a...

3.3CVSS5.1AI score0.00579EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/18 6:19 p.m.10 views

CVE-2023-37481 Fides Webserver Vulnerable to SVG Bomb File Uploads

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit this vulnerability to upload zip files containing malicious SVG bombs similar to a...

2.7CVSS6.7AI score0.00579EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/18 6:19 p.m.29 views

CVE-2023-37481 Fides Webserver Vulnerable to SVG Bomb File Uploads

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service DoS attack. Attackers can exploit this vulnerability to upload zip files containing malicious SVG bombs similar to a...

2.7CVSS5.4AI score0.00579EPSS
Exploits0References2
Rows per page
Query Builder