An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions.

Related CVEs

CVE-2021-32036

Key Information

GHSA ID

GHSA-4wcp-phx2-2w2x

Published

February 10, 2022 12:00 AM

Last Modified

January 23, 2024 6:31 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 6, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.