Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Bugzilla PostgreSQL数字错误漏洞
Vulnerability Description
Bugzilla是很多软件项目都在使用的基于Web的BUG跟踪系统。 Bugzilla 2.23.1至3.2.7版本,3.3.1至3.4.7版本,3.5.1至3.6.1版本,以及3.7至3.7.2版本,当PostgreSQL启用时,不能正确处理(1)bug和(2)attachment词组中的超大整数,远程认证用户可以借助特制的评注导致拒绝服务(错误隐形)。 如果评注中包含有bug X或attachment X(其中X是大于最大32位有符整型大小的整数),PostgreSQL会报错,无法再查看任何包含有该评
CVSS Information
N/A
Vulnerability Type
N/A