The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2019-5463 Related Report None Severity HIGH Exploit Difficulty EASY Platform Affects all platforms supported by the vulnerable versions. Description Denial of Service Amplification. Content updates that affect a large number of feeds may take an infinite number of deferred requests to apply those updates.
Discovered December 30, 2019 Resolved February 5, 2020 Patches Available 4.1.0 RC 1 Workaround Use permissions to prevent non-admin users from adding entries to feeds. Admins not to add the same content items to more than a handful of feeds.
This page has been seen 485,532 times.
-
-
Created by on
-