漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Mastodon: Persistent anonymous DoS via unhandled NoMethodError in MATH_TRANSFORMER
Vulnerability Description
Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.11, 4.4.18, and 4.3.24, a DoS can be triggered by (Uncaught Exception vulerability), due to missing exception handling in the math sanitizer. Malformed <math> nodes can result in a DoS of a whole server or targeted users services, depending on the type of action that includes the malformed nodes and the services interacting with it. This vulnerability is fixed in 4.5.11, 4.4.18, and 4.3.24.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未捕获的异常
Vulnerability Title
Mastodon 异常处理不当漏洞
Vulnerability Description
Mastodon是Mastodon组织的一款去中心化社交网络服务器软件。 Mastodon 4.5.11之前版本、4.4.18之前版本和4.3.24之前版本存在异常处理不当漏洞,该漏洞源于数学清理器缺少异常处理,导致未捕获异常,畸形<math>节点可能导致整个服务器或目标用户服务拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A