HIGH 7.5

PYSEC-2022-43054

Details

An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of created routes, or create unsafe or false routes for legitimate users.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / freetakserver

Introduced in: 0

No fixed version published yet for freetakserver (pip). Pin to a known-safe version or switch to an alternative.

References

https://github.com/FreeTAKTeam/FreeTakServer/issues/291 [EVIDENCE]
https://github.com/FreeTAKTeam/FreeTakServer/issues/291 [REPORT]
https://github.com/advisories/GHSA-hggv-mcp4-vxc5 [ADVISORY]