CVE-2019-25072

Published December 27th, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector.

tendermint/tendermint

⟁ Tendermint Core (BFT Consensus) in Go

GitHub

5.86K