Common Weakness Enumeration

CWE-400

Discouraged

Uncontrolled Resource Consumption

Abstraction: Class · Status: Draft

The product does not properly control the allocation and maintenance of a limited resource.

5419 vulnerabilities reference this CWE, most recent first.

GHSA-JJG7-2V4V-X38H

Vulnerability from github – Published: 2024-04-11 21:32 – Updated: 2025-11-05 20:10
VLAI
Summary
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode
Details

Impact

A specially crafted argument to the idna.encode() function could consume significant resources. This may lead to a denial-of-service.

Patches

The function has been refined to reject such strings without the associated resource consumption in version 3.7.

Workarounds

Domain names cannot exceed 253 characters in length, if this length limit is enforced prior to passing the domain to the idna.encode() function it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

References

  • https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "idna"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-3651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-11T21:32:40Z",
    "nvd_published_at": "2024-07-07T18:15:09Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nA specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service.\n\n### Patches\nThe function has been refined to reject such strings without the associated resource consumption in version 3.7.\n\n### Workarounds\nDomain names cannot exceed 253 characters in length, if this length limit is enforced prior to passing the domain to the `idna.encode()` function it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.\n\n### References\n* https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb",
  "id": "GHSA-jjg7-2v4v-x38h",
  "modified": "2025-11-05T20:10:47Z",
  "published": "2024-04-11T21:32:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/kjd/idna/security/advisories/GHSA-jjg7-2v4v-x38h"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3651"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kjd/idna"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/idna/PYSEC-2024-60.yaml"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4YQUPYH3SVZ5GFF2CDQ55FCM575AZTF2"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2S5E23N6E52S46KGNYTDFB75LOC4N4D"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S5IDLLD2IKSIVRBSLB34WTSYGLMWUFWF"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULSC7HBJKXB3BZV367WM5BR6DFEC4Z43"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode"
}

GHSA-JJJH-JJXP-WPFF

Vulnerability from github – Published: 2022-10-03 00:00 – Updated: 2024-09-13 18:29
VLAI
Summary
Uncontrolled Resource Consumption in Jackson-databind
Details

In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0.

Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc.

Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.

The 2.13.4.1 release does fix this issue, however it also references a non-existent jackson-bom which causes build failures for gradle users. See https://github.com/FasterXML/jackson-databind/issues/3627#issuecomment-1277957548 for details. This is fixed in 2.13.4.2 which is listed in the advisory metadata so that users are not subjected to unnecessary build failures

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.fasterxml.jackson.core:jackson-databind"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0-rc1"
            },
            {
              "fixed": "2.12.7.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.fasterxml.jackson.core:jackson-databind"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.13.0"
            },
            {
              "fixed": "2.13.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-42003"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-10-04T21:55:46Z",
    "nvd_published_at": "2022-10-02T05:15:00Z",
    "severity": "HIGH"
  },
  "details": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0.\n\nCommits that introduced vulnerable code are \nhttps://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc.\n\nFix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.\n\nThe `2.13.4.1` release does fix this issue, however it also references a non-existent jackson-bom which causes build failures for gradle users. See https://github.com/FasterXML/jackson-databind/issues/3627#issuecomment-1277957548 for details. This is fixed in `2.13.4.2` which is listed in the advisory metadata so that users are not subjected to unnecessary build failures",
  "id": "GHSA-jjjh-jjxp-wpff",
  "modified": "2024-09-13T18:29:13Z",
  "published": "2022-10-03T00:00:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/issues/3590"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/issues/3627"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commit/2c4a601c626f7790cad9d3c322d244e182838288"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5283"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20221124-0004"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202210-21"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.13.4.1...jackson-databind-2.13.4.2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/commits/jackson-databind-2.4.0-rc1?after=75b97b8519f0d50c62523ad85170d80a197a2c86+174\u0026branch=jackson-databind-2.4.0-rc1\u0026qualified_name=refs%2Ftags%2Fjackson-databind-2.4.0-rc1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FasterXML/jackson-databind/blob/2.13/release-notes/VERSION-2.x"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/FasterXML/jackson-databind"
    },
    {
      "type": "WEB",
      "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Uncontrolled Resource Consumption in Jackson-databind"
}

GHSA-JJV7-QPX3-H62Q

Vulnerability from github – Published: 2017-10-24 18:33 – Updated: 2021-09-14 19:46
VLAI
Summary
Denial-of-Service Memory Exhaustion in qs
Details

Versions prior to 1.0 of qs are affected by a denial of service condition. This condition is triggered by parsing a crafted string that deserializes into very large sparse arrays, resulting in the process running out of memory and eventually crashing.

Recommendation

Update to version 1.0.0 or later.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "qs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2014-7191"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:43:41Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "Versions prior to 1.0 of `qs` are affected by a denial of service condition. This condition is triggered by parsing a crafted string that deserializes into very large sparse arrays, resulting in the process running out of memory and eventually crashing.\n\n\n## Recommendation\n\nUpdate to version 1.0.0 or later.",
  "id": "GHSA-jjv7-qpx3-h62q",
  "modified": "2021-09-14T19:46:47Z",
  "published": "2017-10-24T18:33:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7191"
    },
    {
      "type": "WEB",
      "url": "https://github.com/visionmedia/node-querystring/issues/104"
    },
    {
      "type": "WEB",
      "url": "https://github.com/raymondfeng/node-querystring/commit/43a604b7847e56bba49d0ce3e222fe89569354d8"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2016:1380"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96729"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-jjv7-qpx3-h62q"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/visionmedia/node-querystring"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/29"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60026"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62170"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685987"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687263"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687928"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Denial-of-Service Memory Exhaustion in qs"
}

GHSA-JJV9-JVWP-XPW5

Vulnerability from github – Published: 2024-07-09 18:30 – Updated: 2024-07-09 18:30
VLAI
Details

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38015"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-09T17:15:27Z",
    "severity": "HIGH"
  },
  "details": "Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability",
  "id": "GHSA-jjv9-jvwp-xpw5",
  "modified": "2024-07-09T18:30:51Z",
  "published": "2024-07-09T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38015"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38015"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JM28-XR53-G5W5

Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35
VLAI
Details

In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-0064"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-17T13:19:25Z",
    "severity": "CRITICAL"
  },
  "details": "In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-jm28-xr53-g5w5",
  "modified": "2026-06-17T18:35:45Z",
  "published": "2026-06-17T18:35:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0064"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/docs/security/bulletin/android-17"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-JM56-5FWR-8P7Q

Vulnerability from github – Published: 2023-10-31 06:30 – Updated: 2023-11-06 21:31
VLAI
Details

Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at /jbig2dec/jbig2.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-46361"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-31T06:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at /jbig2dec/jbig2.c.",
  "id": "GHSA-jm56-5fwr-8p7q",
  "modified": "2023-11-06T21:31:07Z",
  "published": "2023-10-31T06:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46361"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/jbig2dec-SEGV/jbig2dec-SEGV.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JM5C-RV3W-W83M

Vulnerability from github – Published: 2021-06-29 21:13 – Updated: 2025-01-30 14:38
VLAI
Summary
Denial of service in geth
Details

Impact

Denial-of-service (crash) during block processing

Details

Affected versions suffer from a vulnerability which can be exploited through the MULMOD operation, by specifying a modulo of 0: mulmod(a,b,0), causing a panic in the underlying library. The crash was in the uint256 library, where a buffer underflowed.

if `d == 0`, `dLen` remains `0`

and https://github.com/holiman/uint256/blob/4ce82e695c10ddad57215bdbeafb68b8c5df2c30/uint256.go#L451 will try to access index [-1].

The uint256 library was first merged in this commit, on 2020-06-08. Exploiting this vulnerabilty would cause all vulnerable nodes to drop off the network.

The issue was brought to our attention through a bug report, showing a panic occurring on sync from genesis on the Ropsten network.

It was estimated that the least obvious way to fix this would be to merge the fix into uint256, make a new release of that library and then update the geth-dependency.

  • https://github.com/holiman/uint256/releases/tag/v1.1.1 was made the same day,
  • PR to address the issue: https://github.com/holiman/uint256/pull/80
  • PR to update geth deps: https://github.com/ethereum/go-ethereum/pull/21368

Patches

Upgrade to v1.9.18 or higher

Workarounds

Not at this time

References

https://blog.ethereum.org/2020/11/12/geth_security_release/

For more information

If you have any questions or comments about this advisory: * Open an issue in go-ethereum * Email us at security@ethereum.org

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ethereum/go-ethereum"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.9.16"
            },
            {
              "fixed": "1.9.18"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/holiman/uint256"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.1.0"
            },
            {
              "fixed": "1.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26242"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-191",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-21T21:50:44Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\nDenial-of-service (crash) during block processing\n\n### Details\n\nAffected versions suffer from a vulnerability which can be exploited through the `MULMOD` operation, by specifying a modulo of `0`: `mulmod(a,b,0)`, causing a `panic` in the underlying library. \nThe crash was in the `uint256` library, where a buffer [underflowed](https://github.com/holiman/uint256/blob/4ce82e695c10ddad57215bdbeafb68b8c5df2c30/uint256.go#L442).\n\n\tif `d == 0`, `dLen` remains `0`\n\nand https://github.com/holiman/uint256/blob/4ce82e695c10ddad57215bdbeafb68b8c5df2c30/uint256.go#L451 will try to access index `[-1]`.\n\nThe `uint256` library was first merged in this [commit](https://github.com/ethereum/go-ethereum/commit/cf6674539c589f80031f3371a71c6a80addbe454), on 2020-06-08. \nExploiting this vulnerabilty would cause all vulnerable nodes to drop off the network. \n\nThe issue was brought to our attention through a [bug report](https://github.com/ethereum/go-ethereum/issues/21367), showing a `panic` occurring on sync from genesis on the Ropsten network.\n \nIt was estimated that the least obvious way to fix this would be to merge the fix into `uint256`, make a new release of that library and then update the geth-dependency.\n\n- https://github.com/holiman/uint256/releases/tag/v1.1.1 was made the same day, \n- PR to address the issue: https://github.com/holiman/uint256/pull/80 \n- PR to update geth deps: https://github.com/ethereum/go-ethereum/pull/21368 \n\n\n\n### Patches\n\nUpgrade to v1.9.18 or higher\n\n### Workarounds\n\nNot at this time\n\n### References\n\nhttps://blog.ethereum.org/2020/11/12/geth_security_release/\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [go-ethereum](https://github.com/ethereum/go-ethereum)\n* Email us at [security@ethereum.org](mailto:security@ethereum.org)\n",
  "id": "GHSA-jm5c-rv3w-w83m",
  "modified": "2025-01-30T14:38:53Z",
  "published": "2021-06-29T21:13:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-jm5c-rv3w-w83m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26242"
    },
    {
      "type": "WEB",
      "url": "https://github.com/holiman/uint256/pull/80"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/commit/7163a6664ee664df81b9028ab3ba13b9d65a7196"
    },
    {
      "type": "WEB",
      "url": "https://github.com/holiman/uint256/commit/6785da6e3eea403260a5760029e722aa4ff1716d"
    },
    {
      "type": "WEB",
      "url": "https://blog.ethereum.org/2020/11/12/geth_security_release"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ethereum/go-ethereum"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2021-0103"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Denial of service in geth"
}

GHSA-JM82-665G-74JP

Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 12:32
VLAI
Details

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server becomes overwhelmed and unresponsive, leading to unavailability for legitimate users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0187"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-20T10:15:51Z",
    "severity": "HIGH"
  },
  "details": "A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server becomes overwhelmed and unresponsive, leading to unavailability for legitimate users.",
  "id": "GHSA-jm82-665g-74jp",
  "modified": "2025-03-20T12:32:52Z",
  "published": "2025-03-20T12:32:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0187"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/77f3ed54-9e1c-4d9f-948f-ee6f82e2fe24"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JM82-FX9C-MX94

Vulnerability from github – Published: 2026-06-18 14:28 – Updated: 2026-06-18 14:28
VLAI
Summary
pypdf: Missing stream length values ignore defined limits
Details

Impact

An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes ignored. This requires parsing a content stream without a /Length value.

Patches

This has been fixed in pypdf==6.13.3.

Workarounds

If you cannot upgrade yet, consider applying the changes from PR #3871.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pypdf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.13.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-18T14:28:49Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nAn attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as `MAX_DECLARED_STREAM_LENGTH` is sometimes ignored. This requires parsing a content stream without a `/Length` value.\n\n### Patches\nThis has been fixed in [pypdf==6.13.3](https://github.com/py-pdf/pypdf/releases/tag/6.13.3).\n\n### Workarounds\nIf you cannot upgrade yet, consider applying the changes from PR [#3871](https://github.com/py-pdf/pypdf/pull/3871).",
  "id": "GHSA-jm82-fx9c-mx94",
  "modified": "2026-06-18T14:28:50Z",
  "published": "2026-06-18T14:28:49Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jm82-fx9c-mx94"
    },
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/pull/3871"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/py-pdf/pypdf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "pypdf: Missing stream length values ignore defined limits"
}

GHSA-JMHJ-VH4Q-HHMQ

Vulnerability from github – Published: 2022-05-03 03:47 – Updated: 2022-05-26 19:39
VLAI
Summary
tkvideo has a memory issue in playing videos
Details

Huge memory consumption even when playing small files. This issue has been patched in 2.0.0. Please upgrade to version 2.0.0 or above.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tkvideoplayer"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24902"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-05-03T03:47:34Z",
    "nvd_published_at": "2022-05-06T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Huge memory consumption even when playing small files. This issue has been patched in 2.0.0. Please upgrade to version 2.0.0 or above.",
  "id": "GHSA-jmhj-vh4q-hhmq",
  "modified": "2022-05-26T19:39:51Z",
  "published": "2022-05-03T03:47:34Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24902"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/PaulleDemon/tkVideoPlayer/issues"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tkvideoplayer/PYSEC-2022-187.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "tkvideo has a memory issue in playing videos"
}

Mitigation
Architecture and Design

Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.

Mitigation
Architecture and Design
  • Mitigation of resource exhaustion attacks requires that the target system either:
  • The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
  • The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
  • recognizes the attack and denies that user further access for a given amount of time, or
  • uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation
Architecture and Design

Ensure that protocols have specific limits of scale placed on them.

Mitigation
Implementation

Ensure that all failures in resource allocation place the system into a safe posture.

CAPEC-147: XML Ping of the Death

An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.

CAPEC-227: Sustained Client Engagement

An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.

CAPEC-492: Regular Expression Exponential Blowup

An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.