Lucene search
Veracode Vulnerability DatabaseVERACODE:44696HistoryDec 15, 2023 - 8:07 a.m.
Denial Of Service (DoS)
2023-12-1508:07:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
denial of service
vulnerability
@cubejs-backend/api-gateway
application crash
crafted query
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.9
Confidence
High
EPSS
0.001
Percentile
17.0%
@cubejs-backend/api-gateway is vulnerable to Denial Of Service (DoS). The vulnerability exists in gateway.ts allowing an attacker to cause an application crash by submitting a crafted query.
Related
nvd
nvd
CVE-2023-50709
2023-12-13 22:15:43
cvelist
cvelist
CVE-2023-50709 Denial of service attack on the cube-api endpoint
2023-12-13 22:00:04
osv
osv
Cube API denial of service attack
2023-12-13 23:15:56
cve
cve
CVE-2023-50709
2023-12-13 22:15:43
prion
prion
Design/Logic Flaw
2023-12-13 22:15:00
github
github
Cube API denial of service attack
2023-12-13 23:15:56
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.9
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for VERACODE:44696