5 matches found
CVE-2026-28342
OliveTin CVE-2026-28342 affects the PasswordHash API endpoint prior to version 3000.10.2, where unauthenticated users can issue concurrent password hashing requests to trigger heavy memory usage, exhausting container memory and causing service degradation or DoS. Root cause: hashing operations ar...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the PasswordHash API endpoint. An attacker can exhaust server memory and cause service disruption by sending multiple concurrent requests to trigger excessive memory allocation...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the PasswordHash API endpoint. An attacker can exhaust server memory and cause service disruption by sending multiple concurrent requests to trigger excessive memory allocation...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the PasswordHash API endpoint. An attacker can exhaust server memory and cause service disruption by sending multiple concurrent requests to trigger excessive memory allocation...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the PasswordHash API endpoint. An attacker can exhaust server memory and cause service disruption by sending multiple concurrent requests to trigger excessive memory allocation...