From 908a5210ed90126f744452067295e9e17c4fcea2 Mon Sep 17 00:00:00 2001 From: "advisory-database[bot]" <45398580+advisory-database[bot]@users.noreply.github.com> Date: Fri, 27 Dec 2024 21:54:50 +0000 Subject: [PATCH] Publish GHSA-q34m-jh98-gwm2 --- .../2024/10/GHSA-q34m-jh98-gwm2/GHSA-q34m-jh98-gwm2.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advisories/github-reviewed/2024/10/GHSA-q34m-jh98-gwm2/GHSA-q34m-jh98-gwm2.json b/advisories/github-reviewed/2024/10/GHSA-q34m-jh98-gwm2/GHSA-q34m-jh98-gwm2.json index 5f2525f4d2e1d..2249495180553 100644 --- a/advisories/github-reviewed/2024/10/GHSA-q34m-jh98-gwm2/GHSA-q34m-jh98-gwm2.json +++ b/advisories/github-reviewed/2024/10/GHSA-q34m-jh98-gwm2/GHSA-q34m-jh98-gwm2.json @@ -1,13 +1,13 @@ { "schema_version": "1.4.0", "id": "GHSA-q34m-jh98-gwm2", - "modified": "2024-12-27T21:10:18Z", + "modified": "2024-12-27T21:53:29Z", "published": "2024-10-25T19:44:43Z", "aliases": [ "CVE-2024-49767" ], "summary": "Werkzeug possible resource exhaustion when parsing file data in forms", - "details": "Applications using Werkzeug to parse `multipart/form-data` requests are vulnerable to resource exhaustion. A specially crafted form body can bypass the `Request.max_form_memory_size` setting.\n\nThe `Request.max_content_length` setting, as well as resource limits provided by deployment software and platforms, are also available to limit the resources used during a request. This vulnerability does not affect those settings. All three types of limits should be considered and set appropriately when deploying an application.", + "details": "Applications using Werkzeug to parse `multipart/form-data` requests are vulnerable to resource exhaustion. A specially crafted form body can bypass the `Request.max_form_memory_size` setting.\n\n\nThe `Request.max_content_length` setting, as well as resource limits provided by deployment software and platforms, are also available to limit the resources used during a request. This vulnerability does not affect those settings. All three types of limits should be considered and set appropriately when deploying an application.", "severity": [ { "type": "CVSS_V3",