Vulnerability Details CVE-2018-14733
The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/OCA/server-tools/issues/1335
- https://github.com/OCA/server-tools/tree/10.0/dbfilter_from_header
- https://github.com/OCA/server-tools/tree/11.0/dbfilter_from_header
- https://github.com/OCA/server-tools/tree/8.0/dbfilter_from_header
- https://github.com/OCA/server-tools/tree/9.0/dbfilter_from_header
- https://github.com/OCA/server-tools/issues/1335
- https://github.com/OCA/server-tools/tree/10.0/dbfilter_from_header
- https://github.com/OCA/server-tools/tree/11.0/dbfilter_from_header
- https://github.com/OCA/server-tools/tree/8.0/dbfilter_from_header
- https://github.com/OCA/server-tools/tree/9.0/dbfilter_from_header