Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
@plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user
Vulnerability Description
Volto is a ReactJS-based frontend for the Plone Content Management System. Versions 16.34.0 and below, 17.0.0 through 17.22.1, 18.0.0 through 18.27.1, and 19.0.0-alpha.1 through 19.0.0-alpha.5, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. This issue is fixed in versions 16.34.1, 17.22.2, 18.27.2 and 19.0.0-alpha.6.
CVSS Information
N/A
Vulnerability Type
空指针解引用
Vulnerability Title
Volto 代码问题漏洞
Vulnerability Description
Volto是Plone Foundation开源的一个内容管理系统。 Volto 16.34.0及之前版本、17.0.0版本至17.22.1版本、18.0.0版本至18.27.1版本和19.0.0-alpha.1版本至19.0.0-alpha.5版本存在代码问题漏洞,该漏洞源于匿名用户访问特定URL可能导致NodeJS服务器退出。
CVSS Information
N/A
Vulnerability Type
N/A