Vulnerabilities: Difference between revisions
does this count? |
Document CWE-1284 bug with custom chat metadata from January 13, 2025 |
||
| Line 87: | Line 87: | ||
'''Discoverer(s):''' KKosty4ka | '''Discoverer(s):''' KKosty4ka | ||
== January 13, 2025 == | |||
'''Type:''' Bad length validation ([https://cwe.mitre.org/data/definitions/1284.html CWE-1284]) | |||
'''Description:''' Due to a typo, string values in a custom chat metadata object were not properly validated. Can be used to take down or saturate the server with extremely large payloads. ([https://capec.mitre.org/data/definitions/231.html CAPEC-231]) | |||
'''Commit(s):''' <nowiki>https://github.com/system2k/NodeWorldOfText/commit/8070c780476c5ecfa257f46743f7b09bc49073ef</nowiki> | |||
'''Actively exploited at its time:''' Yes | |||
'''Patched:''' Yes | |||
'''Discoverer(s):''' ITAC85v2 | |||