Description Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. Remediation References CVE-2024-25978 Related Vulnerabilities OpenSSL Out-of-bounds Read Vulnerability (CVE-2014-0160) WordPress Plugin Powerplay Gallery 'upload.php' Arbitrary File Upload (3.2) Drupal Core 8.x.x Arbitrary File Overwrite (8.0.0 - 8.7.14) WordPress Plugin Yoast SEO Security Bypass (1.4.6) phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28108) Severity High Classification CVE-2024-25978 CWE-770 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Tags Missing Update Known Vulnerabilities