Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/07/08 6:40 a.m.6 views

CVE-2026-49098

A flaw was found in the Apache Camel Kafka Component. A remote attacker can exploit an improper input validation vulnerability by manipulating specific Kafka headers, such as kafka.OVERRIDETOPIC, when an HTTP consumer bridges into a Kafka producer. This allows the attacker to redirect messages to...

6.5CVSS6AI score0.00385EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/26 10:35 p.m.4 views

CVE-2026-27695

zae-limiter is a rate limiting library using the token bucket algorithm. Prior to version 0.10.1, all rate limit buckets for a single entity share the same DynamoDB partition key namespace/ENTITYid. A high-traffic entity can exceed DynamoDB's per-partition throughput limits 1,000 WCU/sec, causing...

5.3CVSS5.5AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/25 10:31 p.m.6 views

EUVD-2026-8642

zae-limiter: DynamoDB hot partition throttling enables per-entity Denial of Service...

4.3CVSS5.2AI score0.00228EPSS
Exploits0References4
NVD
NVD
added 2026/02/25 3:20 p.m.14 views

CVE-2026-27695

zae-limiter is a rate limiting library using the token bucket algorithm. Prior to version 0.10.1, all rate limit buckets for a single entity share the same DynamoDB partition key namespace/ENTITYid. A high-traffic entity can exceed DynamoDB's per-partition throughput limits 1,000 WCU/sec, causing...

5.3CVSS0.00228EPSS
Exploits0References2
CVE
CVE
added 2026/02/25 2:56 p.m.21 views

CVE-2026-27695

The CVE concerns the zae-limiter rate limiter library. Prior to version 0.10.1 , all rate limit buckets for a single entity shared the DynamoDB partition key (namespace/ENTITY#{id}), which can cause throttling under high throughput and potentially affect co-located entities. The issue is fixed in...

5.3CVSS5.5AI score0.00228EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.9 views

zae-limiter 安全漏洞

Zae-limiter is a rate-limiting library open source by ZeroAE. Versions of Zae-limiter prior to 0.10.1 contained security vulnerabilities. These vulnerabilities stemmed from the fact that all rate-limiting buckets for a single entity shared the same DynamoDB partition key. This could lead to...

5.3CVSS5.8AI score0.00228EPSS
Exploits0References2
Rows per page
Query Builder