CVE-2022-25891

Uncontrolled Resource Consumption in go/github.com/containrrr/shoutrrr

Identifiers

CVE-2022-25891

Package Slug

go/github.com/containrrr/shoutrrr

Vulnerability

Uncontrolled Resource Consumption

Description

The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 is vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages.

Affected Versions

All versions before 0.6.0

Solution

Upgrade to version 0.6.0 or above.

Last Modified

2022-07-24

source