Pathway
Monthly
Denial of service in Pathway data-processing framework (versions through 0.31.1) lets a remote unauthenticated attacker exhaust CPU by submitting a short glob pattern packed with many ** tokens to the document store's /v1/retrieve, /v1/inputs and /v2/answer endpoints. The hand-written recursive matcher branches exponentially on each ** without memoization, so a handful of crafted requests can stall the service for tens of seconds each and deny availability. Publicly available exploit code exists and a vendor patch (commit d09722e) is available; the flaw is not listed in CISA KEV.
Denial of service in Pathway data-processing framework (versions through 0.31.1) lets a remote unauthenticated attacker exhaust CPU by submitting a short glob pattern packed with many ** tokens to the document store's /v1/retrieve, /v1/inputs and /v2/answer endpoints. The hand-written recursive matcher branches exponentially on each ** without memoization, so a handful of crafted requests can stall the service for tens of seconds each and deny availability. Publicly available exploit code exists and a vendor patch (commit d09722e) is available; the flaw is not listed in CISA KEV.