CVE-2023-33950

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-33950
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-33950.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-33950
Aliases
Published
2023-05-24T17:15:10Z
Modified
2024-07-05T20:48:40Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs.

References

Affected packages

Git / github.com/liferay/liferay-portal

Affected ranges

Type
GIT
Repo
https://github.com/liferay/liferay-portal
Events