CVE-2021-36802

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-36802
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-36802.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-36802
Published
2021-08-04T23:15:08Z
Modified
2024-09-03T03:54:11.532982Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Akaunting version 2.1.12 and earlier suffers from a denial-of-service issue that is triggered by setting a malformed 'locale' variable and sending it in an otherwise normal HTTP POST request. This issue was fixed in version 2.1.13 of the product.

References

Affected packages

Git / github.com/akaunting/akaunting

Affected ranges

Type
GIT
Repo
https://github.com/akaunting/akaunting
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

1.*

1.0.0
1.0.1
1.0.10
1.0.11
1.0.12
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.0.9
1.1.0
1.1.1
1.1.10
1.1.11
1.1.12
1.1.13
1.1.14
1.1.15
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.7
1.1.8
1.1.9
1.2.0
1.2.0rc
1.2.1
1.2.10
1.2.11
1.2.12
1.2.13
1.2.14
1.2.15
1.2.16
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.2.8
1.2.9
1.3.0
1.3.0rc
1.3.0rc2
1.3.0rc3
1.3.1
1.3.10
1.3.11
1.3.12
1.3.13
1.3.14
1.3.15
1.3.16
1.3.17
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.3.7
1.3.8
1.3.9

2.*

2.0.0
2.0.1
2.0.10
2.0.11
2.0.12
2.0.13
2.0.14
2.0.15
2.0.16
2.0.17
2.0.18
2.0.19
2.0.2
2.0.20
2.0.21
2.0.22
2.0.23
2.0.24
2.0.25
2.0.26
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
2.1.0
2.1.0rc
2.1.1
2.1.10
2.1.11
2.1.12
2.1.2
2.1.3
2.1.4
2.1.5
2.1.6
2.1.7
2.1.8
2.1.9