{"id":"CVE-2022-25891","details":"The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages.","aliases":["GHSA-477v-w82m-634j","GO-2022-0528"],"modified":"2026-04-02T07:54:08.174673Z","published":"2022-07-15T20:15:08.540Z","related":["SNYK-GOLANG-GITHUBCOMCONTAINRRRSHOUTRRRPKGUTIL-2849059"],"references":[{"type":"ADVISORY","url":"https://github.com/containrrr/shoutrrr/releases/tag/v0.6.0"},{"type":"FIX","url":"https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINRRRSHOUTRRRPKGUTIL-2849059"},{"type":"FIX","url":"https://github.com/containrrr/shoutrrr/commit/6a27056f9d7522a8b493216195cb7634bf4b5c42"},{"type":"FIX","url":"https://github.com/containrrr/shoutrrr/issues/240"},{"type":"FIX","url":"https://github.com/containrrr/shoutrrr/pull/242"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/containrrr/shoutrrr","events":[{"introduced":"0"},{"fixed":"84afd592143a0f94ab415d5d7415b8b0e739dcc4"},{"fixed":"6a27056f9d7522a8b493216195cb7634bf4b5c42"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.6.0"}]}}],"versions":["v0.1","v0.2","v0.3.0","v0.4.0","v0.4.1","v0.4.2","v0.4.3","v0.4.4","v0.5.0","v0.5.1","v0.5.2","v0.5.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-25891.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}