BIT-discourse-2022-23548
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/discourse/BIT-discourse-2022-23548.json
- JSON Data
- https://api.osv.dev/v1/vulns/BIT-discourse-2022-23548
- Aliases
- Published
- 2024-03-06T11:07:21.771Z
- Modified
- 2025-04-03T14:40:37.652Z
- Summary
- [none]
- Details
-
Discourse is an option source discussion platform. Prior to version 2.8.14 on the
stablebranch, parsing posts can be susceptible to regular expression denial of service (ReDoS) attacks. This issue is patched in version 2.8.14. There are no known workarounds. - Database specific
{ "cpes": [ "cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*" ], "severity": "Medium" }- References
Affected packages
Bitnami / discourse
Package
- Name
- discourse
- Purl
- pkg:bitnami/discourse
Severity
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator