CVE-2024-35227

CVSS V2 None CVSS V3 None
Description
Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the `tests-passed` branch, Oneboxing against a carefully crafted malicious URL can reduce the availability of a Discourse instance. The problem has been patched in version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the `tests-passed` branch. There are no known workarounds available for this vulnerability.
Overview
  • CVE ID
  • CVE-2024-35227
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-07-03T17:39:38.293Z
  • Last Modified Date
  • 2024-07-03T18:39:26.390Z
History
Created Old Value New Value Data Type Notes
2024-07-04 13:10:32 Added to TrackCVE