
We found results for “”
CVE-2023-40586
Good to know:

Date: August 25, 2023
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Due to the misuse of "log.Fatalf", the application using coraza crashed after receiving crafted requests from attackers. The application will immediately crash after receiving a malicious request that triggers an error in "mime.ParseMediaType". This issue was patched in version 3.0.1.
Language: Go
Severity Score
Related Resources (11)
Severity Score
Weakness Type (CWE)
Uncontrolled Resource Consumption
CWE-400Insufficient Information
NVD-CWE-noinfoTop Fix

CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |