Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hackeronePath_networkH1:1636320
HistoryJul 13, 2022 - 11:31 p.m.

Cloudflare Public Bug Bounty: Lack of Packet Sanitation in Goflow Results in Multiple DoS Attack Vectors and Bugs

2022-07-1323:31:37
path_network
hackerone.com
$500
11
cloudflare
goflow
bug bounty
packet sanitisation
dos attack
memory consumption
fixed.

EPSS

0.001

Percentile

38.4%

JSON

sflow decode package of the Goflow application did not implement sufficient packet sanitisation which could lead to a denial of service attack. Attackers could craft malformed packets causing the process to consume large amounts of memory resulting in a denial of service.
The issue has been fixed by Cloudflare Engineering team in the 3.4.4 Goflow release.

Related

veracode 1
osv 3
github 1
nvd 1
cve 1
prion 1
cvelist 1
veracode
veracode
Denial Of Service (DoS)
2022-10-03 06:06:10
osv
osv
CVE-2022-2529
2022-09-30 11:15:09
Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package
2022-10-01 15:52:23
Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package in github.com/cloudflare/goflow
2024-08-21 16:03:24
github
github
Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package
2022-10-01 15:52:23
nvd
nvd
CVE-2022-2529
2022-09-30 11:15:09
cve
cve
CVE-2022-2529
2022-09-30 11:15:09
prion
prion
Denial of service
2022-09-30 11:15:00
cvelist
cvelist
CVE-2022-2529 Multiple DoS Attack Vectors in sflow packet handling
2022-09-30 10:45:11

EPSS

0.001

Percentile

38.4%

JSON
Related for H1:1636320
veracode1osv3github1nvd1cve1prion1cvelist1