Vulnerability Report: GO-2020-0037
- CVE-2019-25072, GHSA-3fm3-m23v-5r46
- Affects: github.com/tendermint/tendermint
- Published: Apr 14, 2021
- Modified: Jun 12, 2023
Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector.
See anything missing or incorrect? Suggest an edit to this report.