Resource exhaustion in Dynamicpagelist3_project Dynamicpagelist3
CVE-2021-41118
The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. In affected versions unsanitised input of regular expression date within the parameters of the D…
Vulnerability class: DoS (Denial of Service)
EPSS: 0.011 (62.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H.
Affected products
- Dynamicpagelist3_project Dynamicpagelist3
- Universal-omega Dynamicpagelist3 — versions < 3.3.6
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM, Third Party Advisory, Mitigation)
- security-advisories@github.com (Patch, Third Party Advisory, x_refsource_MISC)
- security-advisories@github.com (Third Party Advisory, x_refsource_MISC, Release Notes)
Frequently asked questions
- What is CVE-2021-41118?
- CVE-2021-41118 is a medium-severity vulnerability in Dynamicpagelist3_project Dynamicpagelist3, classified under Uncontrolled Resource Consumption. CVSS score: 5.3/10. Published 2021-10-04.
- How severe is CVE-2021-41118?
- Medium severity. CVSS v3 base score is 5.3 out of 10.