17 matches found
CVE-2026-31866
flagd is a feature flag daemon with a Unix philosophy. Prior to 0.14.2, flagd exposes OFREP /ofrep/v1/evaluate/... and gRPC evaluation.v1, evaluation.v2 endpoints for feature flag evaluation. These endpoints are designed to be publicly accessible by client applications. The evaluation context...
GO-2026-4674 flagd Vulnerable to Allocation of Resources Without Limits or Throttling in github.com/open-feature/flagd/flagd
flagd Vulnerable to Allocation of Resources Without Limits or Throttling in github.com/open-feature/flagd/flagd...
CVE-2026-31866
flagd is a feature flag daemon with a Unix philosophy. Prior to 0.14.2, flagd exposes OFREP /ofrep/v1/evaluate/... and gRPC evaluation.v1, evaluation.v2 endpoints for feature flag evaluation. These endpoints are designed to be publicly accessible by client applications. The evaluation context...
CVE-2026-31866 Allocation of Resources Without Limits or Throttling in flagd
flagd is a feature flag daemon with a Unix philosophy. Prior to 0.14.2, flagd exposes OFREP /ofrep/v1/evaluate/... and gRPC evaluation.v1, evaluation.v2 endpoints for feature flag evaluation. These endpoints are designed to be publicly accessible by client applications. The evaluation context...
CVE-2026-31866
CVE-2026-31866 affects the flagd feature flag daemon (prior to v0.14.2). The vulnerability is that the evaluation endpoints (OFREP /ofrep/v1/evaluate/… and gRPC evaluation.v1/v2) accept request bodies with no size limit, reading the evaluation context into memory and enabling an attacker to send ...
CVE-2026-31866
flagd is a feature flag daemon with a Unix philosophy. Prior to 0.14.2, flagd exposes OFREP /ofrep/v1/evaluate/... and gRPC evaluation.v1, evaluation.v2 endpoints for feature flag evaluation. These endpoints are designed to be publicly accessible by client applications. The evaluation context...
CVE-2026-31866 Allocation of Resources Without Limits or Throttling in flagd
flagd is a feature flag daemon with a Unix philosophy. Prior to 0.14.2, flagd exposes OFREP /ofrep/v1/evaluate/... and gRPC evaluation.v1, evaluation.v2 endpoints for feature flag evaluation. These endpoints are designed to be publicly accessible by client applications. The evaluation context...
EUVD-2026-11269
flagd Vulnerable to Allocation of Resources Without Limits or Throttling...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the evaluation endpoints, including /ofrep/v1/evaluate/flags/flagKey, /ofrep/v1/evaluate/flags, and various gRPC methods. An attacker can cause memory exhaustion and process...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the evaluation endpoints, including /ofrep/v1/evaluate/flags/flagKey, /ofrep/v1/evaluate/flags, and various gRPC methods. An attacker can cause memory exhaustion and process...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the evaluation endpoints, including /ofrep/v1/evaluate/flags/flagKey, /ofrep/v1/evaluate/flags, and various gRPC methods. An attacker can cause memory exhaustion and process...
PT-2026-24688
Name of the Vulnerable Software and Affected Versions: flagd versions prior to 0.14.2. Description: flagd, a feature flag daemon, exposes OFREP '/ofrep/v1/evaluate/...' and gRPC evaluation.v1, evaluation.v2 endpoints for feature flag evaluation. These endpoints are designed for public access by clie...
OpenFeature flagd Security Vulnerability
OpenFeature flagd is a daemon process developed by OpenFeature Corporation. Versions of flagd prior to 0.14.2 contained a security vulnerability. This vulnerability stemmed from the lack of size restrictions on the evaluation context in the request payload, which could lead to memory exhaustion a...
GO-2026-4279 flagd: Multiple Go Runtime CVEs Impact Security and Availability in github.com/open-feature/flagd/core
flagd: Multiple Go Runtime CVEs Impact Security and Availability in github.com/open-feature/flagd/core...
EUVD-2026-0859
flagd: Multiple Go Runtime CVEs Impact Security and Availability...
Malicious code in flagd-playground (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 48e70fd6860510489563cf6789b2fee0dfb75544c1e1dfaef731b0b5df5b34dd Any computer that has this package installed or running should be considered...
MAL-2025-4743 Malicious code in flagd-playground (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 48e70fd6860510489563cf6789b2fee0dfb75544c1e1dfaef731b0b5df5b34dd Any computer that has this package installed or running should be considered...