VYPR
Unrated severityNVD Advisory· Published Jul 30, 2024· Updated Aug 2, 2024

Discourse vulnerable to DoS via Tag Group

CVE-2024-37299

Description

Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, crafting requests to submit very long tag group names can reduce the availability of a Discourse instance. This vulnerability is fixed in 3.2.5 and 3.3.0.beta5.

Affected products

3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.