GHSA-V25J-WQCW-FVHJ: GHSA-V25J-WQCW-FVHJ: Uncontrolled Resource Consumption via Unbounded Date Se…

1 / 2

GHSA-V25J-WQCW-FVHJ: GHSA-V25J-WQCW-FVHJ: Uncontrolled Resource Consumption via Unbounded Date Sequences in wger

DEV Community·CVE Reports·19 days ago

#HKSojOaK

#security #cve #cybersecurity #ghsa #wger #date

Reading 0:00

15s threshold

GHSA-V25J-WQCW-FVHJ: Uncontrolled Resource Consumption via Unbounded Date Sequences in wger Vulnerability ID: GHSA-V25J-WQCW-FVHJ CVSS Score: 7.5 Published: 2026-05-13 wger is susceptible to an authenticated Denial of Service (DoS) vulnerability due to uncontrolled resource consumption (CWE-400). The flaw resides in the application's handling of date sequences within routine configurations, allowing authenticated attackers to exhaust server resources by defining enormous date ranges. TL;DR Authenticated attackers can trigger a Denial of Service by creating workout routines with excessively large date ranges, causing unbounded loops that exhaust server CPU and worker threads.…

Continue reading — create a free account

Join HashtagPLUS to read full articles, follow hashtags, vote, and join the conversation.

Create free account Log in

Menu

GHSA-V25J-WQCW-FVHJ: GHSA-V25J-WQCW-FVHJ: Uncontrolled Resource Consumption via Unbounded Date Sequences in wger