It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2019-03-26T00:00:00
Updated: 2024-08-04T19:19:18.489Z
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3804
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-03-26T18:29:00.543
Modified: 2022-11-07T19:03:02.597
Link: CVE-2019-3804
Redhat