0x5t4l1n/CVE
1
0
Fork 0
mirror of https://github.com/0x5t4l1n/CVE.git synced 2026-05-26 11:25:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
4 Commits 7 Branches 0 Tags
b728ba9b9646ab78e56181ecc880134848b9b8b0
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Stalin b728ba9b96 Update README.md
2026-03-26 22:05:38 +05:30
README.md
Update README.md
2026-03-26 22:05:38 +05:30

README.md

CVE

CVE-2026-29905 — Kirby CMS Persistent DoS via Malformed Image Upload

This vulnerability has been assigned CVE-2026-29905 by MITRE.

Overview

A authenticated user with Editor permissions can upload a malformed file with an image extension to cause a persistent Denial of Service in Kirby CMS.

CVE ID: CVE-2026-29905 Affected Version: Kirby CMS ≤ 5.1.4 Fixed In: Kirby CMS 5.2.0-rc.1 Severity: Medium CWE: CWE-252 (Unchecked Return Value), CWE-20 (Improper Input Validation)

Description

Kirby processes uploaded image files using PHP's getimagesize() function without validating its return value. When a malformed file is uploaded with a valid image extension (e.g. .jpg), getimagesize() returns false instead of an array. The application then triggers a fatal TypeError during thumbnail generation or metadata processing.

The crash persists across page reloads until the file is manually removed from the filesystem.

Impact

  • Any Editor-role user (non-admin) can trigger the DoS condition.
  • Affected pages return HTTP 500 until the file is removed manually.

Fix

Patched in Kirby CMS 5.2.0-rc.1.

Discoverer

Stalin S (@Stalin-143)

Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
Readme 88 KiB
Languages
Python 100%