2 matches found
CVE-2025-68272 Signal K Server Vulnerable to Denial of Service via Unrestricted Access Request Flooding
Signal K Server is a server application that runs on a central hub in a boat. A Denial of Service DoS vulnerability in versions prior to 2.19.0 allows an unauthenticated attacker to crash the SignalK Server by flooding the access request endpoint /signalk/v1/access/requests. This causes a...
CVE-2025-68272
Summary: Signal K Server up to version 2.19.0 is affected by a DoS via unrestricted access request flooding at the endpoint /signalk/v1/access/requests. The issue arises from unbounded in-memory storage of access requests, leading to a JavaScript heap out of memory and server crash when handling ...