Denial Of Service (DoS)

2022-10-1113:15:17

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

fat_free_crm

denial of service

vulnerability

bucket_empty function

task.rb

incomplete return statements

application crash

0.002 Low

EPSS

Percentile

53.4%

JSON

fat_free_crm is vulnerable to denial of service. The vulnerability exists in bucket_empty function of task.rb due to incomplete return statements which allows an attacker to remotely cause an application crash.

CPENameOperatorVersion
fat_free_crmle0.20.0
fat_free_crmle0.20.0

CPE	Name	Operator	Version
	fat_free_crm	le	0.20.0
	fat_free_crm	le	0.20.0

References

github.com/fatfreecrm/fat_free_crm/commit/c85a2546348c2692d32f952c753f7f0b43d1ca71

github.com/fatfreecrm/fat_free_crm/releases/tag/v0.20.1

github.com/fatfreecrm/fat_free_crm/security/advisories/GHSA-p75c-5x3h-cxcg

0.002 Low

EPSS

Percentile

53.4%

JSON

Related for VERACODE:37506