Back to bug 1928302
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2021-02-18 14:52:07 UTC | Summary | 3scale: missing date range handling on database query | CVE-2021-20252 3scale: missing date range handling on database query |
| Alias | CVE-2021-20252 | |||
| Pedro Sampaio | 2021-02-18 14:53:35 UTC | Blocks | 1930238 | |
| Eric Christensen | 2021-02-19 14:56:51 UTC | Doc Text | A flaw was found in 3scale. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal server error resulting in denial of service. The highest threat from this vulnerability is to system availability. | |
| Red Hat Bugzilla | 2023-07-07 08:28:20 UTC | Assignee | security-response-team | nobody |
Back to bug 1928302