cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*
(1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed).
Max CVSS: 3.5 | EPSS Score: 2.25% | Published: 2014-03-11 | Updated: 2014-03-12
traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers with administrator privileges to cause a denial of service (infinite loop and resource consumption) via unspecified vectors related to "retrieving information for certain resources."
Max CVSS: 4.3 | EPSS Score: 0.87% | Published: 2014-03-11 | Updated: 2014-03-12
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access.
Max CVSS: 5.0 | EPSS Score: 0.87% | Published: 2014-09-30 | Updated: 2014-10-02
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns.
Max CVSS: 5.0 | EPSS Score: 1.28% | Published: 2014-09-30 | Updated: 2023-02-13
queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection.
Max CVSS: 5.0 | EPSS Score: 2.03% | Published: 2014-09-30 | Updated: 2023-02-13
kupu_spellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service (ZServer thread lock) via a crafted URL.
Max CVSS: 5.0 | EPSS Score: 0.87% | Published: 2014-09-30 | Updated: 2014-10-02
Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Max CVSS: 5.0 | EPSS Score: 1.87% | Published: 2011-12-30 | Updated: 2017-08-29
7 vulnerabilities found