Resource exhaustion in Vantage6

CVE-2024-24769

vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, users can reset their MFA token via API routes that send them an email. Currently the number of emails that is sent is not limited. This giv…

Vulnerability class: DoS (Denial of Service)