blob: c60d881c19dbbb1b55e0fafb71b66279ec1525ab [file] [log] [blame]
module = "github.com/revel/revel"
description = """
If the application accepts
[slice parameters](https://revel.github.io/manual/parameters.html#slices), an
attacker can cause the application to allocate large amounts of memory and
crash by manipulating the request query.
"""
credit = "@SYM01"
published = "2021-04-14T12:00:00Z"
[[versions]]
fixed = "v1.0.0"
[links]
commit = "https://github.com/revel/revel/commit/d160ecb72207824005b19778594cbdc272e8a605"
pr = "https://github.com/revel/revel/pull/1427"
context = ["https://github.com/revel/revel/issues/1424"]
[cve_metadata]
id = "CVE-9999-0002"
description = """
Unsanitized input in the query parser in github.com/revel/revel before v1.0.0
allows remote attackers to cause resource exhaustion via memory allocation.
"""
cwe = "CWE-400: Uncontrolled Resource Consumption"