CVE-2019-25072
Uncontrolled resource consumption in github.com/tendermint/tendermint
Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
github.com/tendermint/tendermint · github.com/tendermint/tendermint/rpc/lib/client¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →