Discourse is an open source discussion platform. In affected versions a malicious user can cause a regular expression denial of service using a carefully crafted git URL. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-02-08T19:31:59.994Z
Updated: 2024-08-02T11:18:35.654Z
Reserved: 2023-02-03T16:59:18.246Z
Link: CVE-2023-25167
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-02-08T20:15:25.100
Modified: 2023-02-18T21:48:55.757
Link: CVE-2023-25167
Redhat
No data.