CVE-2024-39317 | Wagtail up to 5.2.5/6.0.5/6.1.2 parse_query_string redos (GHSA-jmp3-39vp-fwg8)

Inserito da Angelo Barbosa | Lug 11, 2024 | CVE

A vulnerability was found in Wagtail up to 5.2.5/6.0.5/6.1.2. It has been declared as problematic. Affected by this vulnerability is the function parse_query_string. The manipulation leads to inefficient regular expression complexity.

This vulnerability is known as CVE-2024-39317. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-39317 | Wagtail up to 5.2.5/6.0.5/6.1.2 parse_query_string redos (GHSA-jmp3-39vp-fwg8)

Post correlati

CVE-2023-50858 | Bill Minozzi Anti Hacker Plugin up to 4.34 on WordPress cross-site request forgery

CVE-2024-0882 | qwdigital LinkWechat 5.1.0 Universal Download Interface resource name path traversal

CVE-2024-0767 | Envo Elementor Templates & Widgets for WooCommerce Plugin ajax_plugin_activation cross-site request forgery

CVE-2023-32472 | Dell PowerSwitch Z9664F-ON BIOS prior 1.05.10 System Management Mode out-of-bounds (dsa-2023-225)