CVE-2023-3163

A vulnerability was found in y_project RuoYi up to 4.7.7. It has been classified as problematic. Affected is the function filterKeyword. The manipulation of the argument value leads to resource consumption. VDB-231090 is the identifier assigned to this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ruoyi:ruoyi:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:16

Type Values Removed Values Added
CVSS v2 : 2.7
v3 : 7.5
v2 : 2.7
v3 : 3.5
References () https://gitee.com/y_project/RuoYi/issues/I78DOR - Exploit () https://gitee.com/y_project/RuoYi/issues/I78DOR - Exploit
References () https://vuldb.com/?ctiid.231090 - Permissions Required () https://vuldb.com/?ctiid.231090 - Permissions Required
References () https://vuldb.com/?id.231090 - Permissions Required () https://vuldb.com/?id.231090 - Permissions Required

14 Jun 2023, 16:02

Type Values Removed Values Added
CPE cpe:2.3:a:ruoyi:ruoyi:*:*:*:*:*:*:*:*
CWE CWE-400 CWE-89
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References (MISC) https://vuldb.com/?id.231090 - (MISC) https://vuldb.com/?id.231090 - Permissions Required
References (MISC) https://vuldb.com/?ctiid.231090 - (MISC) https://vuldb.com/?ctiid.231090 - Permissions Required
References (MISC) https://gitee.com/y_project/RuoYi/issues/I78DOR - (MISC) https://gitee.com/y_project/RuoYi/issues/I78DOR - Exploit

08 Jun 2023, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-08 14:15

Updated : 2024-11-21 08:16


NVD link : CVE-2023-3163

Mitre link : CVE-2023-3163

CVE.ORG link : CVE-2023-3163


JSON object : View

Products Affected

ruoyi

  • ruoyi
CWE
CWE-400

Uncontrolled Resource Consumption

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')