Vulnerabilities: Difference between revisions
No edit summary |
No edit summary |
||
| (5 intermediate revisions by 4 users not shown) | |||
| Line 12: | Line 12: | ||
'''Patched:''' Yes | '''Patched:''' Yes | ||
'''Discoverer(s):''' ''Unknown'', FP | '''Discoverer(s):''' ''Unknown'', [[Fp|FP]] | ||
== September 23, 2021 == | == September 23, 2021 == | ||
| Line 61: | Line 61: | ||
'''Discoverer(s):''' FP | '''Discoverer(s):''' FP | ||
== June 2, 2024 == | |||
'''Type:''' Rate limit issue | |||
'''Description:''' A user can send up to 512 chat messages per second on the Global channel. | |||
'''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/dd4b385b762dc9f6033ddcab788ce4e1a2103b77</nowiki> | |||
'''Actively exploited at its time:''' Yes | |||
'''Patched:''' Yes | |||
'''Discoverer(s):''' Maroon, FP, [[KKosty4ka]] | |||
== June 17, 2024 == | |||
'''Type:''' Crash exploit | |||
'''Description:''' A [https://github.com/websockets/ws/pull/2231 crash exploit] in the "ws" library affected OWOT. | |||
'''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/00ebd4202924dc660dab22ffd41f5c45f39da446</nowiki> | |||
'''Actively exploited at its time:''' No | |||
'''Patched:''' Yes | |||
'''Discoverer(s):''' KKosty4ka | |||
== January 13, 2025 == | |||
'''Type:''' Bad length validation ([https://cwe.mitre.org/data/definitions/1284.html CWE-1284]) | |||
'''Description:''' Due to a typo, string values in a custom chat metadata object were not properly validated. Can be used to take down or saturate the server with extremely large payloads. ([https://capec.mitre.org/data/definitions/231.html CAPEC-231]) | |||
'''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/8070c780476c5ecfa257f46743f7b09bc49073ef</nowiki> | |||
'''Actively exploited at its time:''' No | |||
'''Patched:''' Yes | |||
'''Discoverer(s):''' [[Itac85v2|ITAC85v2]] | |||
[[Category:Documentation]] | |||