CVE-2023-41055

{"id": "CVE-2023-41055", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-09-04T18:15:09.203", "references": [{"url": "https://github.com/Ahwxorg/LibreY/pull/9", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Ahwxorg/LibreY/pull/9", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine. LibreY is subject to a Server-Side Request Forgery (SSRF) vulnerability in the `engines/google/text.php` and `engines/duckduckgo/text.php` files in versions before commit be59098abd119cda70b15bf3faac596dfd39a744. This vulnerability allows remote attackers to request the server to send HTTP GET requests to arbitrary targets and conduct Denial-of-Service (DoS) attacks via the `wikipedia_language` cookie. Remote attackers can request the server to download large files to reduce the performance of the server or even deny access from legitimate users. This issue has been patched in https://github.com/Ahwxorg/LibreY/pull/9. LibreY hosters are advised to use the latest commit. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "LibreY es un fork de LibreX, un metabuscador sin framework y sin javascript que respeta la privacidad. LibreY est\u00e1 sujeto a una vulnerabilidad de Server-Side Request Forgery (SSRF) en los archivos `engines/google/text.php` y `engines/duckduckgo/text.php` en versiones anteriores a be59098abd119cda70b15bf3faac596dfd39a744.Esta vulnerabilidad permite a atacantes remotos solicitar al servidor que env\u00ede solicitudes HTTP GET a objetivos arbitrarios y realizar ataques de denegaci\u00f3n de servicio (DoS) a trav\u00e9s de la cookie `wikipedia_language.Los atacantes remotos pueden solicitar al servidor que descargue archivos grandes para reducir el rendimiento del servidor o incluso negar el acceso a usuarios leg\u00edtimos. Este problema se solucion\u00f3 en https://github.com/Ahwxorg/LibreY/pull/9. Se recomienda a los hosters de LibreY que utilicen el \u00faltimo commit. No se conocen soluciones para esta vulnerabilidad."}], "lastModified": "2024-11-21T08:20:28.260", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ahwx:librey:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C84208E2-25ED-4435-A72C-95619190D677", "versionEndExcluding": "2023-08-17"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}