Allocation of Resources Without Limits or Throttling in nocodb/nocodb
CVE-2022-3423

7.3HIGH

Key Information:

Vendor: Nocodb
Status: Nocodb/nocodb
Vendor: CVE Published:; 7 October 2022

What is CVE-2022-3423?

Allocation of Resources Without Limits or Throttling in GitHub repository nocodb/nocodb prior to 0.92.0.

Affected Version(s)

nocodb/nocodb < 0.92.0

References

https://github.com/nocodb/nocodb/commit/000ecd886738b965b...

https://huntr.dev/bounties/94639d8e-8301-4432-ab80-e76e13...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 7, 2022
Vulnerability Reserved
Oct 7, 2022

.