---

CVE-2021-42076 - log back

CVE-2021-42076 edited at 02 Nov 2021 12:42:36
Severity	- Unknown + Low
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ A security issue has been found in Barrier before version 2.3.4. There is no check against overlong messages being sent by clients, so they can send up to 2^32 - 1 bytes, causing unauthenticated remote denial of service via excessive heap memory allocations. Multiple connections can be used to abuse this in parallel and cause even higher memory allocation, if necessary.
References	+ https://www.openwall.com/lists/oss-security/2021/11/02/4 + https://github.com/debauchee/barrier/pull/1347

CVE-2021-42076 created at 02 Nov 2021 12:28:17