CVE-2023-52075: ReVanced API vulnerable to Denial of Service due to lack of error caching

CVSS 7.5 · High · EPSS 0.19% · P40

I. Basic Information for CVE-2023-52075

Vulnerability Information

Vulnerability Title
ReVanced API vulnerable to Denial of Service due to lack of error caching
Source: NVD (National Vulnerability Database)
Vulnerability Description
ReVanced API proxies requests needed to feed the ReVanced Manager and website with data. Up to and including commit 71f81f7f20cd26fd707335bca9838fa3e7df20d2, ReVanced API lacks error caching causing rate limit to be triggered thus increasing server load. This causes a denial of service for all users using the API. It is recommended to implement proper error caching.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
Improper handling of exceptional conditions
Source: NVD (National Vulnerability Database)
Vulnerability Title
ReVanced API security vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
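ReVanced API is a simple API used to proxy the requests needed to supply data to the ReVanced Manager and website. ReVanced API 71f81f7f20cd26fd707335bca9838fa3e7df20d2 and earlier versions contain a security vulnerability that stems from a lack of error caching, which causes the rate limit to be triggered, thereby increasing server load and resulting in a denial of service (DoS).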
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
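
The failure mode in the descriptions above, and the recommended error caching, shown as an added illustration (not the ReVanced API's own code). `FakeUpstream`, `CachingProxy`, the `/patches` path and the TTL values are assumptions made for the example.

```python
import time

class UpstreamError(Exception):
    def __init__(self, status):
        super().__init__(f"upstream returned {status}")
        self.status = status

class FakeUpstream:
    """Constructed stand-in for the rate-limited backend the API proxies."""
    def __init__(self, quota):
        self.quota, self.calls = quota, 0
    def fetch(self, path):
        self.calls += 1
        if self.calls > self.quota:
            raise UpstreamError(429)  # rate limit exhausted
        return f"data for {path}"

class CachingProxy:
    def __init__(self, upstream, ok_ttl=300.0, error_ttl=0.0, clock=time.monotonic):
        self.upstream, self.ok_ttl, self.error_ttl = upstream, ok_ttl, error_ttl
        self.clock, self.cache = clock, {}  # path -> (expires_at, status, body)
    def get(self, path):
        hit = self.cache.get(path)
        if hit and hit[0] > self.clock():
            return hit[1], hit[2]  # served without touching the upstream
        try:
            status, body, ttl = 200, self.upstream.fetch(path), self.ok_ttl
        except UpstreamError as exc:
            # Negative caching: remember the failure briefly so a burst of
            # clients does not turn into a burst of upstream requests.
            status, body, ttl = exc.status, "upstream unavailable", self.error_ttl
        if ttl > 0:
            self.cache[path] = (self.clock() + ttl, status, body)
        return status, body

def upstream_calls_during_outage(error_ttl, client_requests=1000):
    """Count upstream hits while the backend is already rate limited."""
    upstream = FakeUpstream(quota=0)
    proxy = CachingProxy(upstream, error_ttl=error_ttl)
    for _ in range(client_requests):
        proxy.get("/patches")  # hypothetical route
    return upstream.calls

if __name__ == "__main__":
    print("no error caching :", upstream_calls_during_outage(error_ttl=0))
    print("30s error caching:", upstream_calls_during_outage(error_ttl=30))
```

With `error_ttl=0` every client request during the outage is forwarded upstream; a short error TTL collapses the burst to one upstream request per path per TTL window, and the upstream is retried once the entry expires.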

Affected Products

Vendor | Product | Affected Versions | CPE
ReVanced | revanced-api | <= 71f81f7f20cd26fd707335bca9838fa3e7df20d2 | -

II. Public POCs for CVE-2023-52075


No public POC found.
