Vulnerabilities > Tendermint > Tendermint > 0.19.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-27 | CVE-2019-25072 | Resource Exhaustion vulnerability in Tendermint Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector. | 7.5 |
| 2020-04-10 | CVE-2020-5303 | Out-of-bounds Write vulnerability in Tendermint Tendermint before versions 0.33.3, 0.32.10, and 0.31.12 has a denial-of-service vulnerability. | 3.7 |