- Description
- Altair is a fork of Misskey v12. Affected versions lack of request validation and lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the CPU usage of the server on which this software is running or placing a heavy load on the network it is using. This issue has been fixed in v12.24Q4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
- Source
- security-advisories@github.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-400
- Hype score
- Not currently trending
CVE-2024-56200 Critical Lack of Validation in Altair Misskey v12 Affects Availability Altair, which is a version of Misskey v12, has a vulnerability. This issue comes from not checking requests and not asking for... https://t.co/1OlLui3X6Z
@VulmonFeeds
19 Dec 2024
55 Impressions
1 Retweet
1 Like
2 Bookmarks
0 Replies
0 Quotes
[CVE-2024-56200: HIGH] Altair, a fork of Misskey v12, had a vulnerability allowing attacks affecting availability. Upgrading to v12.24Q4.1 is vital to secure against cyber threats.#cybersecurity,#vulnerability https://t.co/zMhufkbeoo https://t.co/4sUyn4lBgN
@CveFindCom
19 Dec 2024
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-56200 Altair is a fork of Misskey v12. Affected versions lack of request validation and lack of authentication in the image proxy for compressing and resizing remote files … https://t.co/BoD7e4AIjB
@CVEnew
19 Dec 2024
300 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes