{"vulnerability": "CVE-2019-25072", "sightings": [{"uuid": "175cd59e-cfd0-4422-b74d-490c1824a9e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-25072", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11449", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2019-25072\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector.\n\ud83d\udccf Published: 2022-12-27T21:13:24.222Z\n\ud83d\udccf Modified: 2025-04-11T16:40:25.817Z\n\ud83d\udd17 References:\n1. https://github.com/tendermint/tendermint/pull/3430\n2. https://github.com/tendermint/tendermint/commit/03085c2da23b179c4a51f59a03cb40aa4e85a613\n3. https://pkg.go.dev/vuln/GO-2020-0037", "creation_timestamp": "2025-04-11T16:50:56.000000Z"}, {"uuid": "691071c6-cbf8-46ad-a29f-9b90f1f0cbb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-25072", "type": "seen", "source": "https://t.me/cibsecurity/55455", "content": "\u203c CVE-2019-25072 \u203c\n\nDue to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T00:12:07.000000Z"}]}