OX App Suite before backend 7.10.6-rev37 does not check size limits when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of data.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/24xxx/CVE-2023-24603.json",
"cna_assigner": "mitre"
}{
"cpe": [
"cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev10:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev11:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev12:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev13:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev14:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev15:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev16:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev17:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev18:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev19:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev20:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev21:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev22:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev23:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev24:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev25:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev26:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev27:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev28:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev29:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev30:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev31:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev32:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev33:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev34:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev35:*:*:*:*:*:*",
"cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev36:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "7.10.6"
},
{
"introduced": "7.10.6-NA"
},
{
"last_affected": "7.10.6-NA"
},
{
"introduced": "7.10.6-rev10"
},
{
"last_affected": "7.10.6-rev10"
},
{
"introduced": "7.10.6-rev11"
},
{
"last_affected": "7.10.6-rev11"
},
{
"introduced": "7.10.6-rev12"
},
{
"last_affected": "7.10.6-rev12"
},
{
"introduced": "7.10.6-rev13"
},
{
"last_affected": "7.10.6-rev13"
},
{
"introduced": "7.10.6-rev14"
},
{
"last_affected": "7.10.6-rev14"
},
{
"introduced": "7.10.6-rev15"
},
{
"last_affected": "7.10.6-rev15"
},
{
"introduced": "7.10.6-rev16"
},
{
"last_affected": "7.10.6-rev16"
},
{
"introduced": "7.10.6-rev17"
},
{
"last_affected": "7.10.6-rev17"
},
{
"introduced": "7.10.6-rev18"
},
{
"last_affected": "7.10.6-rev18"
},
{
"introduced": "7.10.6-rev19"
},
{
"last_affected": "7.10.6-rev19"
},
{
"introduced": "7.10.6-rev20"
},
{
"last_affected": "7.10.6-rev20"
},
{
"introduced": "7.10.6-rev21"
},
{
"last_affected": "7.10.6-rev21"
},
{
"introduced": "7.10.6-rev22"
},
{
"last_affected": "7.10.6-rev22"
},
{
"introduced": "7.10.6-rev23"
},
{
"last_affected": "7.10.6-rev23"
},
{
"introduced": "7.10.6-rev24"
},
{
"last_affected": "7.10.6-rev24"
},
{
"introduced": "7.10.6-rev25"
},
{
"last_affected": "7.10.6-rev25"
},
{
"introduced": "7.10.6-rev26"
},
{
"last_affected": "7.10.6-rev26"
},
{
"introduced": "7.10.6-rev27"
},
{
"last_affected": "7.10.6-rev27"
},
{
"introduced": "7.10.6-rev28"
},
{
"last_affected": "7.10.6-rev28"
},
{
"introduced": "7.10.6-rev29"
},
{
"last_affected": "7.10.6-rev29"
},
{
"introduced": "7.10.6-rev30"
},
{
"last_affected": "7.10.6-rev30"
},
{
"introduced": "7.10.6-rev31"
},
{
"last_affected": "7.10.6-rev31"
},
{
"introduced": "7.10.6-rev32"
},
{
"last_affected": "7.10.6-rev32"
},
{
"introduced": "7.10.6-rev33"
},
{
"last_affected": "7.10.6-rev33"
},
{
"introduced": "7.10.6-rev34"
},
{
"last_affected": "7.10.6-rev34"
},
{
"introduced": "7.10.6-rev35"
},
{
"last_affected": "7.10.6-rev35"
},
{
"introduced": "7.10.6-rev36"
},
{
"last_affected": "7.10.6-rev36"
}
],
"source": [
"CPE_RANGE",
"CPE_STRING"
]
}