More information about this CVE will likely be available in a few days

Description


A Potential DOS Vulnerability exists in CERT VINCE software prior to version 3.0.8. An authenticated administrative user can inject an arbitrary pickle object as part of a user's profile. This can lead to a potential DoS on the server when the user's profile is accessed. Django server does restrict unpickling from crashing the server.

Related CPE's


Could not find any relations

Weaknesses



CWE-502

CVSS impact metrics


Could not find any metrics

Information


Source identifier

[email protected]

Vulnerability status

Received

Published

2024-10-14T22:15:03.957

3 months ago

Last modified

2024-10-14T22:15:03.957

3 months ago