CVE-2022-47925

Description

The validate JSON endpoint of the Secvisogram csaf-validator-service in versions < 0.1.0 processes tests with unexpected names. This insufficient input validation of requests by an unauthenticated remote user might lead to a DoS of the process answering the current request while having no effect on other requests.

Related CPE's

acsaf-validator-lib_projectcsaf-validator-lib********

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0004.json

Third Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io