CVE-2022-25891

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-25891

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25891.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-25891

Aliases

Related

SNYK-GOLANG-GITHUBCOMCONTAINRRRSHOUTRRRPKGUTIL-2849059

Published

2022-07-15T20:15:08Z

Modified

2025-01-08T14:11:49.098784Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages.

References

Affected packages

Git / github.com/containrrr/shoutrrr

Affected ranges

Type: GIT
Repo: https://github.com/containrrr/shoutrrr
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6a27056f9d7522a8b493216195cb7634bf4b5c42

Fixed

6a27056f9d7522a8b493216195cb7634bf4b5c42

Affected versions

v0.*

v0.1

v0.2

v0.3.0

v0.4.0

v0.4.1

v0.4.2

v0.4.3

v0.4.4