Vulnerabilities > CVE-2023-52075 - Improper Handling of Exceptional Conditions vulnerability in Revanced

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

revanced

CWE-755

NVD

Published: 2023-12-27

Updated: 2024-01-04

Summary

ReVanced API proxies requests needed to feed the ReVanced Manager and website with data. Up to and including commit 71f81f7f20cd26fd707335bca9838fa3e7df20d2, ReVanced API lacks error caching causing rate limit to be triggered thus increasing server load. This causes a denial of service for all users using the API. It is recommended to implement proper error caching.

Vulnerable Configurations

Part	Description	Count
Application	Revanced Revanced Revanced *	1

Common Weakness Enumeration (CWE)

CWE-755 - Improper Handling of Exceptional Conditions

References

https://github.com/ReVanced/revanced-api/security/advisories/GHSA-852x-grxp-8p3q