CVE-2020-8123

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-8123

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8123.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-8123

Aliases

GHSA-23fp-fmrv-f5px

Published

2020-02-04T20:15:14Z

Modified

2025-01-14T08:41:20.456558Z

Severity

4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that can be abused in the admin console using admin rights can lead to arbitrary restart of the application.

References

https://hackerone.com/reports/768574

Affected packages

Git / github.com/strapi/strapi

Affected ranges

Type: GIT
Repo: https://github.com/strapi/strapi
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6bb7a7f198b13b0780547285d4214704ce991c23

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.1.0

v1.2.0

v1.3.0

v1.3.1

v1.4.0

v1.4.1

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.5.4

v3.*

v3.0.0-alpha.10.1

v3.0.0-alpha.10.2

v3.0.0-alpha.10.3

v3.0.0-alpha.11

v3.0.0-alpha.11.1

v3.0.0-alpha.11.2

v3.0.0-alpha.11.3

v3.0.0-alpha.12

v3.0.0-alpha.12.1

v3.0.0-alpha.12.2

v3.0.0-alpha.12.3

v3.0.0-alpha.12.4

v3.0.0-alpha.12.5

v3.0.0-alpha.12.6

v3.0.0-alpha.12.7

v3.0.0-alpha.12.7.1

v3.0.0-alpha.13

v3.0.0-alpha.13.0.1

v3.0.0-alpha.13.1

v3.0.0-alpha.14

v3.0.0-alpha.14.1

v3.0.0-alpha.14.1.1

v3.0.0-alpha.14.2

v3.0.0-alpha.14.3

v3.0.0-alpha.14.4.0

v3.0.0-alpha.14.5

v3.0.0-alpha.15

v3.0.0-alpha.16

v3.0.0-alpha.17

v3.0.0-alpha.18

v3.0.0-alpha.19

v3.0.0-alpha.20

v3.0.0-alpha.21

v3.0.0-alpha.22

v3.0.0-alpha.23

v3.0.0-alpha.23.1

v3.0.0-alpha.24

v3.0.0-alpha.24.1

v3.0.0-alpha.25

v3.0.0-alpha.25.1

v3.0.0-alpha.25.2

v3.0.0-alpha.26

v3.0.0-alpha.26.1

v3.0.0-alpha.26.2

v3.0.0-alpha.4

v3.0.0-alpha.4.8

v3.0.0-alpha.5.3

v3.0.0-alpha.5.5

v3.0.0-alpha.6.3

v3.0.0-alpha.6.4

v3.0.0-alpha.6.7

v3.0.0-alpha.7.3

v3.0.0-alpha.8

v3.0.0-alpha.8.3

v3.0.0-alpha.9

v3.0.0-alpha.9.1

v3.0.0-alpha.9.2

v3.0.0-beta.0

v3.0.0-beta.1

v3.0.0-beta.10

v3.0.0-beta.11

v3.0.0-beta.12

v3.0.0-beta.13

v3.0.0-beta.14

v3.0.0-beta.15

v3.0.0-beta.16

v3.0.0-beta.16.1

v3.0.0-beta.16.2

v3.0.0-beta.16.3

v3.0.0-beta.16.4

v3.0.0-beta.16.5

v3.0.0-beta.16.6

v3.0.0-beta.16.7

v3.0.0-beta.16.8

v3.0.0-beta.17

v3.0.0-beta.17.1

v3.0.0-beta.17.2

v3.0.0-beta.17.3

v3.0.0-beta.17.4

v3.0.0-beta.17.5

v3.0.0-beta.17.6

v3.0.0-beta.17.7

v3.0.0-beta.17.8

v3.0.0-beta.18

v3.0.0-beta.18.1

v3.0.0-beta.18.2

v3.0.0-beta.18.3

v3.0.0-beta.18.4

v3.0.0-beta.18.5

v3.0.0-beta.18.6

v3.0.0-beta.18.7

v3.0.0-beta.18.8

v3.0.0-beta.19

v3.0.0-beta.19.1

v3.0.0-beta.19.2

v3.0.0-beta.19.3

v3.0.0-beta.19.4

v3.0.0-beta.19.5

v3.0.0-beta.2

v3.0.0-beta.20

v3.0.0-beta.20.1

v3.0.0-beta.20.2

v3.0.0-beta.20.3

v3.0.0-beta.3

v3.0.0-beta.4

v3.0.0-beta.5

v3.0.0-beta.6

v3.0.0-beta.7

v3.0.0-beta.8

v3.0.0-beta.9

v3.0.0-rc.0

v3.0.0-rc.1