Headline
CVE-2022-3298
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
Related news
GHSA-xhw9-4wqq-x67v: rdiffweb vulnerable to potential DoS via memory consumption
rdiffweb prior to 2.4.8 is vulnerable to a potential Dos attack via an unlimited length "title" field when adding an SSH key. This can result in excess memory consumption, leading to a Denial of Service (DoS). This issue is patched in version 2.4.8. There are no known workarounds.