CVE-2021-38623

HIGH

deferred_image_processing < 1.0.2 - Denial of Service via FAL API Disk Consumption

Title source: llm

Description

The deferred_image_processing (aka Deferred image processing) extension before 1.0.2 for TYPO3 allows Denial of Service via the FAL API because of /var/transient disk consumption.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://typo3.org/security/advisory/typo3-ext-sa-2021-009

Scores

CVSS v3 7.5

EPSS 0.0096

EPSS Percentile 56.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-404

Status published

Products (2)

deferred_image_processing_project/deferred_image_processing < 1.0.2

webcoast/deferred-image-processing 0 - 1.0.2Packagist

Published Aug 13, 2021

Tracked Since Feb 18, 2026