2 matches found
Excessive Platform Resource Consumption within a Loop
Overview @evershop/evershop is a The React Ecommerce platform. Built with React and Postgres. Open-source and free. Fast and customizable. Affected versions of this package are vulnerable to Excessive Platform Resource Consumption within a Loop via the GET /images API endpoint when processing SVG...
CVE-2025-67419
A Denial of Service DoS vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to exhaust the application server's resources via the "GET /images" API. The application fails to limit the height of the use-element shadow tree or the dimensions of pattern tiles during the...