SecuritySpace - CVE-2023-41043

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-41043

Description: Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious admin could create extremely large icons sprites, which would then be cached in each server process. This may cause server processes to be killed and lead to downtime. The issue is patched in version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches. This is only a concern for multisite installations. No action is required when the admins are trusted.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-41043
https://github.com/discourse/discourse/security/advisories/GHSA-28hh-h5xw-xgvx
https://github.com/discourse/discourse/security/advisories/GHSA-28hh-h5xw-xgvx

CVE ID:	CVE-2023-41043
Description:	Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious admin could create extremely large icons sprites, which would then be cached in each server process. This may cause server processes to be killed and lead to downtime. The issue is patched in version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches. This is only a concern for multisite installations. No action is required when the admins are trusted.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-41043 https://github.com/discourse/discourse/security/advisories/GHSA-28hh-h5xw-xgvx https://github.com/discourse/discourse/security/advisories/GHSA-28hh-h5xw-xgvx