CWE-400
DiscouragedUncontrolled Resource Consumption
Abstraction: Class · Status: Draft
The product does not properly control the allocation and maintenance of a limited resource.
5433 vulnerabilities reference this CWE, most recent first.
GHSA-Q37H-27PV-WPMC
Vulnerability from github – Published: 2026-01-20 15:33 – Updated: 2026-02-02 18:31A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots
{
"affected": [],
"aliases": [
"CVE-2025-9281"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-20T14:16:10Z",
"severity": "HIGH"
},
"details": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots",
"id": "GHSA-q37h-27pv-wpmc",
"modified": "2026-02-02T18:31:31Z",
"published": "2026-01-20T15:33:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9281"
},
{
"type": "WEB",
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-Q37V-9P49-P44F
Vulnerability from github – Published: 2024-02-03 03:30 – Updated: 2025-11-04 00:30IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. IBM X-Force ID: 254776.
{
"affected": [],
"aliases": [
"CVE-2023-31006"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-03T01:15:08Z",
"severity": "MODERATE"
},
"details": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. IBM X-Force ID: 254776.",
"id": "GHSA-q37v-9p49-p44f",
"modified": "2025-11-04T00:30:45Z",
"published": "2024-02-03T03:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31006"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254776"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7106586"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Nov/0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q39W-9WFH-WWJF
Vulnerability from github – Published: 2023-05-10 15:30 – Updated: 2024-04-04 03:59Uncontrolled resource consumption in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable denial of service via local access.
{
"affected": [],
"aliases": [
"CVE-2022-41801"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-10T14:15:21Z",
"severity": "MODERATE"
},
"details": "Uncontrolled resource consumption in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable denial of service via local access.",
"id": "GHSA-q39w-9wfh-wwjf",
"modified": "2024-04-04T03:59:50Z",
"published": "2023-05-10T15:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41801"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00779.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q3FC-6X2V-6PH8
Vulnerability from github – Published: 2022-05-24 17:04 – Updated: 2022-12-14 21:30kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)
{
"affected": [],
"aliases": [
"CVE-2019-19922"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-22T20:15:00Z",
"severity": "LOW"
},
"details": "kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)",
"id": "GHSA-q3fc-6x2v-6ph8",
"modified": "2022-12-14T21:30:18Z",
"published": "2022-05-24T17:04:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19922"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/issues/67577"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"type": "WEB",
"url": "https://relistan.com/the-kernel-may-be-slowing-down-your-app"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200204-0002"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4226-1"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q3FV-X8VG-QQM4
Vulnerability from github – Published: 2026-07-14 19:52 – Updated: 2026-07-14 19:52Summary
When Trivy scans a Helm chart archive (.tgz), its custom tar unpacker reads each entry with io.ReadAll(tr) and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to gigabytes, causing the Trivy process to be killed by the OS OOM killer.
Affected configurations
Exploitation requires the attacker to place a crafted .tgz file in a location that Trivy will scan as a Helm chart. This applies to the following scan targets:
| Command | Condition |
|---|---|
trivy config <dir> |
Directory contains a crafted .tgz Helm chart (misconfiguration scanning is always enabled) |
trivy filesystem --scanners misconf <dir> |
Directory contains a crafted .tgz Helm chart and --scanners misconf is explicitly enabled |
trivy image --scanners misconf <image> |
Image contains a crafted .tgz Helm chart and --scanners misconf is explicitly enabled |
Realistic scenarios include:
- A CI pipeline that runs trivy config . on a repository where a contributor can submit a pull request containing a crafted chart archive.
- A pipeline that scans a container image with --scanners misconf, whose build context includes untrusted .tgz files.
Impact
An attacker who satisfies the conditions above can exhaust all available memory on the host running Trivy. The OS OOM killer will terminate the Trivy process and may affect other processes sharing the same host or CI runner.
The practical impact in CI environments is denial of service: the scan fails, the pipeline is blocked, and repeated submissions re-trigger the same condition. Cloud CI runners may also incur additional costs for consumed resources.
There is no impact on confidentiality or integrity of the scanned system.
Patches
Fixed in Trivy v0.71.0 (#10718). The custom tar unpacker was replaced with archive.LoadArchiveFiles from the official helm.sh/helm/v4 SDK, which enforces per-entry and total size limits and validates archive structure. Users should upgrade to v0.71.0 or later.
Workarounds
If upgrading is not immediately possible:
- Set a memory limit (cgroup/container) on the Trivy process to bound the blast radius.
- Use --skip-dirs to exclude directories containing untrusted Helm chart archives from the scan.
- Avoid scanning repositories or images with untrusted .tgz files.
Credits
Reported by @jamesgol.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/aquasecurity/trivy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.71.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-54448"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-770",
"CWE-789"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-14T19:52:14Z",
"nvd_published_at": "2026-06-25T17:16:41Z",
"severity": "HIGH"
},
"details": "## Summary\n\nWhen Trivy scans a Helm chart archive (`.tgz`), its custom tar unpacker reads each entry with `io.ReadAll(tr)` and no size limit. An attacker who can place a malicious `.tgz` file in the scanned path can craft a small compressed archive that decompresses to gigabytes, causing the Trivy process to be killed by the OS OOM killer.\n\n## Affected configurations\n\nExploitation requires the attacker to place a crafted `.tgz` file in a location that Trivy will scan as a Helm chart. This applies to the following scan targets:\n\n| Command | Condition |\n| --- | --- |\n| `trivy config \u003cdir\u003e` | Directory contains a crafted `.tgz` Helm chart (misconfiguration scanning is always enabled) |\n| `trivy filesystem --scanners misconf \u003cdir\u003e` | Directory contains a crafted `.tgz` Helm chart **and** `--scanners misconf` is explicitly enabled |\n| `trivy image --scanners misconf \u003cimage\u003e` | Image contains a crafted `.tgz` Helm chart **and** `--scanners misconf` is explicitly enabled |\n\nRealistic scenarios include:\n- A CI pipeline that runs `trivy config .` on a repository where a contributor can submit a pull request containing a crafted chart archive.\n- A pipeline that scans a container image with `--scanners misconf`, whose build context includes untrusted `.tgz` files.\n\n## Impact\n\nAn attacker who satisfies the conditions above can exhaust all available memory on the host running Trivy. The OS OOM killer will terminate the Trivy process and may affect other processes sharing the same host or CI runner.\n\nThe practical impact in CI environments is denial of service: the scan fails, the pipeline is blocked, and repeated submissions re-trigger the same condition. Cloud CI runners may also incur additional costs for consumed resources.\n\nThere is no impact on confidentiality or integrity of the scanned system.\n\n## Patches\n\nFixed in Trivy `v0.71.0` (#10718). The custom tar unpacker was replaced with `archive.LoadArchiveFiles` from the official `helm.sh/helm/v4` SDK, which enforces per-entry and total size limits and validates archive structure. Users should upgrade to `v0.71.0` or later.\n\n## Workarounds\n\nIf upgrading is not immediately possible:\n- Set a memory limit (cgroup/container) on the Trivy process to bound the blast radius.\n- Use `--skip-dirs` to exclude directories containing untrusted Helm chart archives from the scan.\n- Avoid scanning repositories or images with untrusted `.tgz` files.\n\n## Credits\n\nReported by @jamesgol.",
"id": "GHSA-q3fv-x8vg-qqm4",
"modified": "2026-07-14T19:52:14Z",
"published": "2026-07-14T19:52:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aquasecurity/trivy/security/advisories/GHSA-q3fv-x8vg-qqm4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-54448"
},
{
"type": "WEB",
"url": "https://github.com/aquasecurity/trivy/pull/10718"
},
{
"type": "WEB",
"url": "https://github.com/aquasecurity/trivy/commit/441251e51ae46cbcf7f436547e0a5766b25328b4"
},
{
"type": "PACKAGE",
"url": "https://github.com/aquasecurity/trivy"
},
{
"type": "WEB",
"url": "https://github.com/aquasecurity/trivy/releases/tag/v0.71.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser"
}
GHSA-Q3GM-PQP8-WXCJ
Vulnerability from github – Published: 2022-05-24 17:36 – Updated: 2022-05-24 17:36Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when deserializing transactions.
{
"affected": [],
"aliases": [
"CVE-2018-1000893"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-23T17:15:00Z",
"severity": "HIGH"
},
"details": "Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when deserializing transactions.",
"id": "GHSA-q3gm-pqp8-wxcj",
"modified": "2022-05-24T17:36:58Z",
"published": "2022-05-24T17:36:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000893"
},
{
"type": "WEB",
"url": "https://bitcoinsv.io/2019/03/01/denial-of-service-vulnerabilities-repaired-in-bitcoin-sv-version-0-1-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-Q3GW-8236-5JW4
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-22 00:04In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the artifact_location parameter while creating the experiment.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "mlflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.13.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-6838"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-22T00:04:01Z",
"nvd_published_at": "2025-03-20T10:15:33Z",
"severity": "MODERATE"
},
"details": "In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment.",
"id": "GHSA-q3gw-8236-5jw4",
"modified": "2025-03-22T00:04:01Z",
"published": "2025-03-20T12:32:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6838"
},
{
"type": "PACKAGE",
"url": "https://github.com/mlflow/mlflow"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "MLflow Uncontrolled Resource Consumption vulnerability"
}
GHSA-Q3J6-22WF-3JH9
Vulnerability from github – Published: 2023-05-11 20:39 – Updated: 2023-05-11 20:39This package has been moved to github.com/ipfs/boxo/bitswap, this vulnerability is tracked there: https://github.com/ipfs/boxo/security/advisories/GHSA-m974-xj4j-7qv5 (CVE-2023-25568)
Remediation
This is a two step process:
1. Apply one of:
- (recommended) upgrade from github.com/ipfs/go-bitswap to github.com/ipfs/boxo/bitswap.
- If you are still using github.com/ipfs/go-bitswap and cannot upgrade to boxo, you can upgrade to github.com/ipfs/go-bitswap@v0.12.0, this will replace the go-bitswap implementation by stubs which points to boxo.
2. Open https://github.com/ipfs/boxo/security/advisories/GHSA-m974-xj4j-7qv5 and then follow boxo's remediation section.
Vulnerable symbols
>= v0.9.0; < v0.12.0github.com/ipfs/go-bitswap/server/internal/decision.(*Engine).MessageReceivedgithub.com/ipfs/go-bitswap/server/internal/decision.(*Engine).NotifyNewBlocksgithub.com/ipfs/go-bitswap/server/internal/decision.(*Engine).findOrCreategithub.com/ipfs/go-bitswap/server/internal/decision.(*Engine).PeerConnectedv0.8.0github.com/ipfs/go-bitswap/internal/decision.(*Engine).MessageReceivedgithub.com/ipfs/go-bitswap/internal/decision.(*Engine).NotifyNewBlocksgithub.com/ipfs/go-bitswap/internal/decision.(*Engine).findOrCreategithub.com/ipfs/go-bitswap/internal/decision.(*Engine).PeerConnected< v0.8.0github.com/ipfs/go-bitswap/internal/decision.(*Engine).MessageReceivedgithub.com/ipfs/go-bitswap/internal/decision.(*Engine).receiveBlocksFromgithub.com/ipfs/go-bitswap/internal/decision.(*Engine).findOrCreategithub.com/ipfs/go-bitswap/internal/decision.(*Engine).PeerConnected
Workarounds
If you are using the stubs at github.com/ipfs/go-bitswap and not taking advantage of the features provided by the server, refactoring your code to use the new split API will allows you to run in a client-only mode using: github.com/ipfs/go-bitswap/client.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/ipfs/go-bitswap"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.12.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2023-05-11T20:39:55Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "This package has been moved to [`github.com/ipfs/boxo/bitswap`](https://pkg.go.dev/github.com/ipfs/boxo/bitswap), this vulnerability is tracked there: https://github.com/ipfs/boxo/security/advisories/GHSA-m974-xj4j-7qv5 (`CVE-2023-25568`)\n\n### Remediation\nThis is a two step process:\n1. Apply one of:\n - (**recommended**) upgrade from `github.com/ipfs/go-bitswap` to `github.com/ipfs/boxo/bitswap`.\n - If you are still using `github.com/ipfs/go-bitswap` and cannot upgrade to `boxo`, you can upgrade to `github.com/ipfs/go-bitswap@v0.12.0`, this will replace the `go-bitswap` implementation by stubs which points to `boxo`.\n2. Open https://github.com/ipfs/boxo/security/advisories/GHSA-m974-xj4j-7qv5 and then follow `boxo`\u0027s remediation section.\n\n### Vulnerable symbols\n- `\u003e= v0.9.0; \u003c v0.12.0`\n - `github.com/ipfs/go-bitswap/server/internal/decision.(*Engine).MessageReceived`\n - `github.com/ipfs/go-bitswap/server/internal/decision.(*Engine).NotifyNewBlocks`\n - `github.com/ipfs/go-bitswap/server/internal/decision.(*Engine).findOrCreate`\n - `github.com/ipfs/go-bitswap/server/internal/decision.(*Engine).PeerConnected`\n- `v0.8.0`\n - `github.com/ipfs/go-bitswap/internal/decision.(*Engine).MessageReceived`\n - `github.com/ipfs/go-bitswap/internal/decision.(*Engine).NotifyNewBlocks`\n - `github.com/ipfs/go-bitswap/internal/decision.(*Engine).findOrCreate`\n - `github.com/ipfs/go-bitswap/internal/decision.(*Engine).PeerConnected`\n- `\u003c v0.8.0`\n - `github.com/ipfs/go-bitswap/internal/decision.(*Engine).MessageReceived`\n - `github.com/ipfs/go-bitswap/internal/decision.(*Engine).receiveBlocksFrom`\n - `github.com/ipfs/go-bitswap/internal/decision.(*Engine).findOrCreate`\n - `github.com/ipfs/go-bitswap/internal/decision.(*Engine).PeerConnected`\n\n### Workarounds\nIf you are using the stubs at `github.com/ipfs/go-bitswap` and not taking advantage of the features provided by the server, refactoring your code to use the new split API will allows you to run in a client-only mode using: [`github.com/ipfs/go-bitswap/client`](https://pkg.go.dev/github.com/ipfs/go-bitswap/client).",
"id": "GHSA-q3j6-22wf-3jh9",
"modified": "2023-05-11T20:39:55Z",
"published": "2023-05-11T20:39:55Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ipfs/boxo/security/advisories/GHSA-m974-xj4j-7qv5"
},
{
"type": "WEB",
"url": "https://github.com/ipfs/go-bitswap/security/advisories/GHSA-q3j6-22wf-3jh9"
},
{
"type": "WEB",
"url": "https://github.com/ipfs/go-libipfs/security/advisories/GHSA-m974-xj4j-7qv5"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25568"
},
{
"type": "WEB",
"url": "https://github.com/ipfs/boxo/commit/62cbac40b96f49e39cd7fedc77ee6b56adce4916"
},
{
"type": "WEB",
"url": "https://github.com/ipfs/boxo/commit/9cb5cb54d40b57084d1221ba83b9e6bb3fcc3197"
},
{
"type": "PACKAGE",
"url": "https://github.com/ipfs/go-bitswap"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "github.com/ipfs/go-bitswap vulnerable to DOS unbounded persistent memory leak"
}
GHSA-Q3RM-84J8-CVR4
Vulnerability from github – Published: 2025-07-15 21:31 – Updated: 2025-07-15 21:31Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
{
"affected": [],
"aliases": [
"CVE-2025-50102"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-15T20:15:46Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"id": "GHSA-q3rm-84j8-cvr4",
"modified": "2025-07-15T21:31:43Z",
"published": "2025-07-15T21:31:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50102"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q3W8-9X53-FGRM
Vulnerability from github – Published: 2025-04-01 00:30 – Updated: 2025-11-03 21:33This issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
{
"affected": [],
"aliases": [
"CVE-2025-24211"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-31T23:15:19Z",
"severity": "CRITICAL"
},
"details": "This issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.",
"id": "GHSA-q3w8-9x53-fgrm",
"modified": "2025-11-03T21:33:19Z",
"published": "2025-04-01T00:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24211"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122371"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122372"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122373"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122374"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122375"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122377"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122378"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/10"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/11"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/12"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/4"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/5"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/8"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.
Mitigation
- Mitigation of resource exhaustion attacks requires that the target system either:
- The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
- The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
- recognizes the attack and denies that user further access for a given amount of time, or
- uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation
Ensure that protocols have specific limits of scale placed on them.
Mitigation
Ensure that all failures in resource allocation place the system into a safe posture.
CAPEC-147: XML Ping of the Death
An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
CAPEC-227: Sustained Client Engagement
An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.
CAPEC-492: Regular Expression Exponential Blowup
An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.