3 matches found
CVE-2025-61668
CVE-2025-61668 affects Volto (Plone ReactJS frontend). Versions 16.34.0 and earlier; 17.0.0–17.22.1; 18.0.0–18.27.1; and 19.0.0-alpha.1–19.0.0-alpha.5 allow an anonymous user to trigger a NodeJS server crash by visiting a specific URL. Root cause: improper handling of a crafted URL request leadin...
GHSA-M8RJ-PPPH-MJ33 @plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user
Impact When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. Patches The problem has been patched and the patch has been backported to Volto major versions down until 16. It is advised to upgrade to the latest patch release of your...
GHSA-XJHF-7833-3PM5 Volto affected by possible DoS by invoking specific URL by anonymous user
Impact When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. Patches The problem has been patched and the patch has been backported to Volto major versions down until 16. It is advised to upgrade to the latest patch release of your...