{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T23:37:01.536","vulnerabilities":[{"cve":{"id":"CVE-2022-41921","sourceIdentifier":"security-advisories@github.com","published":"2022-11-28T15:15:10.543","lastModified":"2024-11-21T07:24:04.397","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Discourse is an open-source discussion platform. Prior to version 2.9.0.beta13, users can post chat messages of an unlimited length, which can cause a denial of service for other users when posting huge amounts of text. Users should upgrade to version 2.9.0.beta13, where a limit has been introduced. No known workarounds are available."},{"lang":"es","value":"Discourse es una plataforma de discusión de código abierto. Antes de la versión 2.9.0.beta13, los usuarios podían publicar mensajes de chat de longitud ilimitada, lo que podía provocar una Denegación de Servicio (DoS) para otros usuarios al publicar grandes cantidades de texto. Los usuarios deben actualizar a la versión 2.9.0.beta13, donde se introdujo un límite. No hay workarounds conocidos disponibles."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*","versionEndExcluding":"2.9.0","matchCriteriaId":"A387C9DC-A3A5-416B-A564-DBD4F345972B"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta1:*:*:*:*:*:*","matchCriteriaId":"B3803EF9-A296-42B7-887F-93C5E68E94C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta10:*:*:*:*:*:*","matchCriteriaId":"35BAC488-3622-4B0B-B8EA-879E8C68E8CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta11:*:*:*:*:*:*","matchCriteriaId":"406A23B4-B971-4DC8-A132-EE9854FE8546"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta12:*:*:*:*:*:*","matchCriteriaId":"1DD3C47F-E49F-4E19-9EA7-A322C4CFD541"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta2:*:*:*:*:*:*","matchCriteriaId":"8BA3D313-3C11-43E2-A47D-CBB532D1B6F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta3:*:*:*:*:*:*","matchCriteriaId":"6F42673E-65F3-4807-9484-20CB747420FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta4:*:*:*:*:*:*","matchCriteriaId":"0B91D023-FCE5-4866-AD8B-BBB675763104"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta5:*:*:*:*:*:*","matchCriteriaId":"0086484D-0164-449C-8AAE-BE7479CB9706"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta6:*:*:*:*:*:*","matchCriteriaId":"F9D1B031-96C7-44C0-A0A0-F67ABE55C93C"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta7:*:*:*:*:*:*","matchCriteriaId":"750D2AD9-35E7-4AC7-9C22-AA90DAA34F3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta8:*:*:*:*:*:*","matchCriteriaId":"B68E308A-BDAB-4614-A563-4460F7996CBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta9:*:*:*:*:*:*","matchCriteriaId":"5DEDE4C5-2C2A-4B74-BB41-8AAA0EE636E2"}]}]}],"references":[{"url":"https://github.com/discourse/discourse/commit/3de765c89524a526ce611e11468d758a471a933f","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/discourse/discourse/security/advisories/GHSA-mfh7-6cv6-qccc","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/discourse/discourse/commit/3de765c89524a526ce611e11468d758a471a933f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/discourse/discourse/security/advisories/GHSA-mfh7-6cv6-qccc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}