GHSA-3cxx-3f53-m92c, CVE-2022-43686
packagist/concrete5/concrete5
Uncontrolled Resource Consumption
In Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2, the authTypeConcreteCookieMap table can be filled up causing a denial of service (high load).
All versions before 8.5.10, all versions starting from 9.0.0 before 9.1.3
Upgrade to versions 8.5.10, 9.1.3 or above.
2022-11-22
source |