OpenMage LTS has DoS vulnerability in MaliciousCode filter
CVE-2023-23617
4.9MEDIUM
What is CVE-2023-23617?
OpenMage LTS, a popular e-commerce platform, is susceptible to an infinite loop vulnerability within its malicious code filtering mechanism. In certain conditions, the vulnerability can be triggered, leading to potential denial-of-service scenarios. This affects all versions prior to 19.4.22 and 20.0.19, however, these versions contain a fix for the issue. Mitigation is crucial as no known workarounds are available.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
magento-lts < 19.4.22 < 19.4.22
magento-lts >= 20.0.0, < 20.0.19 < 20.0.0, 20.0.19
References
CVSS V3.1
Score:
4.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved