Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
mailcow ipixel flood attack leads to Denial of Service in admin page
Vulnerability Description
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the versions 2023-12a and prior and patched in version 2024-01.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
mailcow 资源管理错误漏洞
Vulnerability Description
mailcow是一个邮件服务器套件。 mailcow存在资源管理错误漏洞,该漏洞源于一旦有效载荷在logo中成功上传,应用程序就会变慢并且在管理页面中不响应。
CVSS Information
N/A
Vulnerability Type
N/A