漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
mailcow ipixel flood attack leads to Denial of Service in admin page
Vulnerability Description
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the versions 2023-12a and prior and patched in version 2024-01.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
mailcow 资源管理错误漏洞
Vulnerability Description
mailcow是一个邮件服务器套件。 mailcow存在资源管理错误漏洞,该漏洞源于一旦有效载荷在logo中成功上传,应用程序就会变慢并且在管理页面中不响应。
CVSS Information
N/A
Vulnerability Type
N/A