CVE-2024-38360

MEDIUM Year: 2024
CVSS v3 Score
4.9
Medium
Weakness Type
CWE-400
View all →

Vulnerability Description

Discourse is an open source platform for community discussion. In affected versions by creating replacement words with an almost unlimited number of characters, a moderator can reduce the availability of a Discourse instance. This issue has been addressed in stable version 3.2.3 and in current betas. Users are advised to upgrade. Users unable to upgrade may manually remove the long watched words either via SQL or Rails console.

Related Vulnerabilities

CVE-2017-12076

MEDIUM
CVSS:4.9(Medium)

Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources ...

CWE-4002017

CVE-2017-12077

MEDIUM
CVSS:4.9(Medium)

Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resource...

CWE-4002017

CVE-2018-20699

MEDIUM
CVSS:4.9(Medium)

Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, p...

CWE-4002018

CVE-2019-13007

MEDIUM
CVSS:4.9(Medium)

An issue was discovered in GitLab Community and Enterprise Edition 11.11 through 12.0.2. When an admin enabled one of the service templates, it was triggering an action that leads to resource depletio...

CWE-4002019

CVE-2019-5445

MEDIUM
CVSS:4.9(Medium)

DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands.

CWE-4002019

CVE-2020-8123

MEDIUM
CVSS:4.9(Medium)

A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that can be abused in the admin console using admin rights can lead to arbitrary restart of the application.

CWE-4002020