forked from aquasecurity/vuln-list
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathGHSA-pcwm-8jc3-qxvj.json
127 lines (127 loc) · 2.82 KB
/
GHSA-pcwm-8jc3-qxvj.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
{
"id": "GHSA-pcwm-8jc3-qxvj",
"modified": "2022-08-13T03:32:46.019560Z",
"published": "2018-07-23T19:50:52Z",
"aliases": [
"CVE-2011-4462"
],
"summary": "Moderate severity vulnerability that affects Plone",
"details": "Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.",
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Plone",
"purl": "pkg:pypi/Plone"
},
"ranges": [
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.4"
}
]
}
],
"versions": [
"3.2",
"3.2.1",
"3.2.2",
"3.2.3",
"3.2a1",
"3.2rc1",
"3.3",
"3.3.1",
"3.3.2",
"3.3.3",
"3.3.4",
"3.3.5",
"3.3.6",
"3.3b1",
"3.3rc1",
"3.3rc2",
"3.3rc3",
"3.3rc4",
"3.3rc5",
"4.0",
"4.0.1",
"4.0.10",
"4.0.2",
"4.0.3",
"4.0.4",
"4.0.5",
"4.0.6",
"4.0.7",
"4.0.8",
"4.0.9",
"4.0a1",
"4.0a2",
"4.0a3",
"4.0a4",
"4.0a5",
"4.0b1",
"4.0b2",
"4.0b3",
"4.0b4",
"4.0b5",
"4.0rc1",
"4.1",
"4.1.1",
"4.1.2",
"4.1.3",
"4.1a1",
"4.1a2",
"4.1a3",
"4.1b1",
"4.1b2",
"4.1rc2",
"4.1rc3"
],
"database_specific": {
"source": "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-pcwm-8jc3-qxvj/GHSA-pcwm-8jc3-qxvj.json"
}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4462"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-pcwm-8jc3-qxvj"
},
{
"type": "PACKAGE",
"url": "https://github.com/plone/plone"
},
{
"type": "WEB",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/47406"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/903934"
},
{
"type": "WEB",
"url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
},
{
"type": "WEB",
"url": "http://www.ocert.org/advisories/ocert-2011-003.html"
}
]
}