CVE Catalog

CVE-2023-3163

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.37%

68th percentile — higher than 68% of all known CVEs

Summary

A vulnerability was found in y_project RuoYi up to version 4.7.7, classified as problematic. It affects the function filterKeyword, where manipulation of the argument value leads to resource consumption.

Risk Assessment

The organization may experience performance issues due to excessive resource consumption, potentially leading to downtime or degradation of services.

Recommendation

It is recommended to update to the latest version of RuoYi to mitigate this vulnerability and to monitor resource consumption in the system.

Original NVD description (English source)

A vulnerability was found in y_project RuoYi up to 4.7.7. It has been classified as problematic. Affected is the function filterKeyword. The manipulation of the argument value leads to resource consumption. VDB-231090 is the identifier assigned to this vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS