Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Liferay
Published: 2023-05-24T16:10:10.701Z
Updated: 2024-08-02T15:54:13.911Z
Reserved: 2023-05-24T02:36:00.165Z
Link: CVE-2023-33950
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-05-24T17:15:10.007
Modified: 2023-05-31T20:22:30.147
Link: CVE-2023-33950
Redhat
No data.