CVE-2026-31866
flagd is a feature flag daemon with a Unix philosophy. Prior to 0.14.2, flagd exposes OFREP /ofrep/v1/evaluate/... and gRPC evaluation.v1, evaluation.v2 endpoints for feature flag evaluation. These endpoints are designed to be publicly accessible by client applications. The evaluation context...
CVE-2026-31866 Allocation of Resources Without Limits or Throttling in flagd
flagd is a feature flag daemon with a Unix philosophy. Prior to 0.14.2, flagd exposes OFREP /ofrep/v1/evaluate/... and gRPC evaluation.v1, evaluation.v2 endpoints for feature flag evaluation. These endpoints are designed to be publicly accessible by client applications. The evaluation context...
CVE-2026-31866
CVE-2026-31866 affects the flagd feature flag daemon (prior to v0.14.2). The vulnerability is that the evaluation endpoints (OFREP /ofrep/v1/evaluate/… and gRPC evaluation.v1/v2) accept request bodies with no size limit, reading the evaluation context into memory and enabling an attacker to send ...