Tag

Snappy

1 brief RSS

Prometheus Remote Read Endpoint Denial-of-Service Vulnerability

The Prometheus remote read endpoint is vulnerable to denial of service due to a missing validation of the declared decoded length in snappy-compressed request bodies, allowing unauthenticated attackers to exhaust memory resources.

go/github.com/prometheus/prometheus denial-of-service prometheus snappy

2r 1t 1c 2h ago