GHSA-76rv-2r9v-c5m6: zae-limiter: DynamoDB hot partition throttling enables per-entity Denial of Service
Summary
The zae-limiter library has a security flaw where all rate limit buckets for a single user share the same DynamoDB partition key (the identifier that determines which storage location holds the data), allowing a high-traffic user to exceed DynamoDB's write limits and cause service slowdowns for that user and potentially others sharing the same partition. This vulnerability affects multi-tenant systems, like shared LLM proxies (AI services shared across multiple customers), where one customer's heavy traffic can degrade service for others.
Solution / Mitigation
The source explicitly describes a remediation design called 'Pre-Shard Buckets' that includes: moving buckets to a new partition key format with sharding (`PK={ns}/BUCKET#{entity}#{resource}#{shard}, SK=#STATE`), auto-injecting a `wcu:1000` reserved limit on every bucket to track DynamoDB write pressure, implementing shard doubling (1→2→4→8) when capacity is exhausted, storing original limits on the bucket with effective limits derived by dividing by shard count, using random or round-robin shard selection with retry logic (maximum 2 retries), lazy shard creation on first access, discovering shards via GSI3 (a secondary index), and implementing a clean break migration with a schema version bump so old buckets are ignored and new buckets are created on first access.
Vulnerability Details
EPSS: 0.0%
Classification
Affected Packages
Related Issues
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
CVE-2021-29541: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null p
Original source: https://github.com/advisories/GHSA-76rv-2r9v-c5m6
First tracked: February 25, 2026 at 11:00 PM
Classified by LLM (prompt v3) · confidence: 85%