VYPR
Unrated severityNVD Advisory· Published Feb 8, 2023· Updated Mar 10, 2025

Regular expression denial of service via installing themes via git in discourse

CVE-2023-25167

Description

Discourse is an open source discussion platform. In affected versions a malicious user can cause a regular expression denial of service using a carefully crafted git URL. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.