Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. The problem has been patched in versions 16.34.0, 17.22.1, 18.24.0, and 19.0.0-alpha.4. To mitigate downtime, have setup automatically restart processes that quit with an error.
History

Sun, 31 Aug 2025 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Plone
Plone volto
Vendors & Products Plone
Plone volto

Thu, 28 Aug 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 28 Aug 2025 17:30:00 +0000

Type Values Removed Values Added
Description Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. The problem has been patched in versions 16.34.0, 17.22.1, 18.24.0, and 19.0.0-alpha.4. To mitigate downtime, have setup automatically restart processes that quit with an error.
Title Volto affected by possible DoS by invoking specific URL by anonymous user
Weaknesses CWE-755
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2025-08-28T18:35:51.922Z

Reserved: 2025-08-22T14:30:32.221Z

Link: CVE-2025-58047

cve-icon Vulnrichment

Updated: 2025-08-28T18:35:49.393Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-28T18:15:33.277

Modified: 2025-08-29T16:24:29.730

Link: CVE-2025-58047

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-31T08:41:43Z