CVE-2018-14733

Sažetak

The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances.

Reference

https://github.com/OCA/server-tools/issues/1335
https://github.com/OCA/server-tools/tree/10.0/dbfilter_from_header
https://github.com/OCA/server-tools/tree/11.0/dbfilter_from_header
https://github.com/OCA/server-tools/tree/8.0/dbfilter_from_header
https://github.com/OCA/server-tools/tree/9.0/dbfilter_from_header

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

09-07-2019 - 17:23

Objavljeno

05-07-2019 - 20:15