VYPR
Moderate severityNVD Advisory· Published Oct 20, 2021· Updated Apr 30, 2025

Camaleon CMS - SVG File Upload Creates DoS for Media Upload Feature

CVE-2021-25971

Description

In Camaleon CMS, versions 2.0.1 to 2.6.0 are vulnerable to an Uncaught Exception. The app's media upload feature crashes permanently when an attacker with a low privileged access uploads a specially crafted .svg file

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
camaleon_cmsRubyGems
>= 2.0.1, < 2.6.0.12.6.0.1

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.