SecuritySpace - CVE-2021-32623

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2021-32623

Description: Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using a single HTTP request. To exploit this, users need to have ingest privileges, limiting the group of potential attackers The problem has been fixed in Opencast 9.6. There is no known workaround for this issue.

Test IDs: 1.3.6.1.4.1.25623.1.0.112906

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-32623
https://github.com/opencast/opencast/security/advisories/GHSA-9gwx-9cwp-5c2m
https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e
https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e

CVE ID:	CVE-2021-32623
Description:	Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using a single HTTP request. To exploit this, users need to have ingest privileges, limiting the group of potential attackers The problem has been fixed in Opencast 9.6. There is no known workaround for this issue.
Test IDs:	1.3.6.1.4.1.25623.1.0.112906
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-32623 https://github.com/opencast/opencast/security/advisories/GHSA-9gwx-9cwp-5c2m https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e