Описание
SyncBreeze 15.2.24 contains a denial of service vulnerability in the login authentication mechanism that allows attackers to crash the service. Attackers can send an oversized password parameter with repeated 'password=' values to overwhelm the login endpoint and potentially disrupt service availability.
EPSS
Процентиль: 50%
0.00264
Низкий
Дефекты
CWE-400
Связанные уязвимости
github
около 2 месяцев назад
SyncBreeze 15.2.24 contains a denial of service vulnerability in the login authentication mechanism that allows attackers to crash the service. Attackers can send an oversized password parameter with repeated 'password=' values to overwhelm the login endpoint and potentially disrupt service availability.
EPSS
Процентиль: 50%
0.00264
Низкий
Дефекты
CWE-400