Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
io.jmix.localfs:jmix-localfs affected by DoS in the Local File Storage
Vulnerability Description
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files, potentially causing the server to run out of space and return HTTP 500 error, resulting in a denial of service. This issue has been patched in versions 1.6.2 and 2.4.0. A workaround is provided on the Jmix documentation website.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Jmix 安全漏洞
Vulnerability Description
Jmix是Jmix公司的一组库和工具,用于加速 Spring Boot 以数据为中心的应用程序开发。 Jmix 1.0.0至1.6.1版本和2.0.0至2.3.4版本存在安全漏洞,该漏洞源于文件大小限制不当,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A