Description
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
Remediation
References
Related Vulnerabilities
Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-10795)
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-38268)
Grafana Incorrect Authorization Vulnerability (CVE-2022-21713)