Common Weakness Enumeration

CWE-772

Allowed

Missing Release of Resource after Effective Lifetime

Abstraction: Base · Status: Draft

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

567 vulnerabilities reference this CWE, most recent first.

GHSA-995V-FVRW-C78M

Vulnerability from github – Published: 2026-05-28 17:19 – Updated: 2026-07-15 21:49
VLAI
Summary
opentelemetry-go's Schema ParseFile leaks file descriptors on each parse
Details

Summary

go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it; repeated parsing in a long-running process can exhaust the process file descriptor limit and cause denial of service. The severity is low because exploitation depends on a consuming application exposing repeated schema parsing to an attacker-controlled path.

Introduced in commit: e72a235

Details

In schema/v1.0/parser.go:41-47, ParseFile opens the requested schema path with os.Open and then returns Parse(file) without a defer file.Close() or other close path:

file, err := os.Open(schemaFilePath)
if err != nil {
    return nil, err
}
return Parse(file)

The validation evidence also identifies schema/v1.0/parser.go:50-73: Parse accepts an io.Reader, decodes from it, and does not close it. Ownership of the opened file is therefore not transferred to Parse, leaving the descriptor open until the Go runtime eventually finalizes the file object. With repeated ParseFile calls, descriptors can accumulate until the process receives EMFILE / "too many open files".

PoC

validation-artifact.zip

The local artifact validation-artifact.zip contains:

  • leak_poc.go: PoC source that repeatedly calls schema.ParseFile("schema/v1.0/testdata/valid-example.yaml") and prints /proc/self/fd counts.
  • LEAK_POC_README.txt: reproduction notes.
  • leak_poc_run.log: captured attempted run; the local offline environment failed before execution because Go module download from proxy.golang.org was forbidden.

Reproduce from the root of a checkout of pellared/opentelemetry-go at commit e72a235 with Go module dependencies already available:

/bin/sh -c 'ulimit -n 256; GOGC=off go run leak_poc.go'

Configuration:

  • File descriptor soft limit: 256
  • Garbage collection: disabled with GOGC=off so leaked descriptors are not reclaimed during the loop
  • Schema file: schema/v1.0/testdata/valid-example.yaml

Expected output is increasing descriptor counts followed by an EMFILE failure, for example:

iter 0 fds 7
iter 50 fds 57
iter 100 fds 107
...
panic: iteration 248: open schema/v1.0/testdata/valid-example.yaml: too many open files

The exact initial descriptor count and failing iteration can vary by OS and process state.

Impact

This is a file descriptor resource leak leading to availability loss. Applications that call schema.ParseFile repeatedly, especially through a runtime reload or request-controlled path, can exhaust their process file descriptor table and fail subsequent file, socket, or other descriptor operations. Impact is limited to denial of service of the consuming process; the evidence does not show confidentiality or integrity impact.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.0.16"
      },
      "package": {
        "ecosystem": "Go",
        "name": "go.opentelemetry.io/otel/schema/v1.1"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.0.16"
      },
      "package": {
        "ecosystem": "Go",
        "name": "go.opentelemetry.io/otel/schema/v1.0"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "go.opentelemetry.io/otel/schema"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-45287"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772",
      "CWE-775"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-28T17:19:10Z",
    "nvd_published_at": "2026-06-04T16:16:38Z",
    "severity": "LOW"
  },
  "details": "### Summary\n\n`go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.io/otel/schema/v1.1` leaks one file descriptor on each successful `ParseFile` call. `ParseFile` opens the schema file and passes it to `Parse` without closing it; repeated parsing in a long-running process can exhaust the process file descriptor limit and cause denial of service. The severity is low because exploitation depends on a consuming application exposing repeated schema parsing to an attacker-controlled path.\n\nIntroduced in commit: e72a235\n\n### Details\n\nIn `schema/v1.0/parser.go:41-47`, `ParseFile` opens the requested schema path with `os.Open` and then returns `Parse(file)` without a `defer file.Close()` or other close path:\n\n```go\nfile, err := os.Open(schemaFilePath)\nif err != nil {\n\treturn nil, err\n}\nreturn Parse(file)\n```\n\nThe validation evidence also identifies `schema/v1.0/parser.go:50-73`: `Parse` accepts an `io.Reader`, decodes from it, and does not close it. Ownership of the opened file is therefore not transferred to `Parse`, leaving the descriptor open until the Go runtime eventually finalizes the file object. With repeated `ParseFile` calls, descriptors can accumulate until the process receives `EMFILE` / \"too many open files\".\n\n### PoC\n\n[validation-artifact.zip](https://github.com/user-attachments/files/27494463/validation-artifact.zip)\n\nThe local artifact `validation-artifact.zip` contains:\n\n- `leak_poc.go`: PoC source that repeatedly calls `schema.ParseFile(\"schema/v1.0/testdata/valid-example.yaml\")` and prints `/proc/self/fd` counts.\n- `LEAK_POC_README.txt`: reproduction notes.\n- `leak_poc_run.log`: captured attempted run; the local offline environment failed before execution because Go module download from `proxy.golang.org` was forbidden.\n\nReproduce from the root of a checkout of `pellared/opentelemetry-go` at commit `e72a235` with Go module dependencies already available:\n\n```sh\n/bin/sh -c \u0027ulimit -n 256; GOGC=off go run leak_poc.go\u0027\n```\n\nConfiguration:\n\n- File descriptor soft limit: `256`\n- Garbage collection: disabled with `GOGC=off` so leaked descriptors are not reclaimed during the loop\n- Schema file: `schema/v1.0/testdata/valid-example.yaml`\n\nExpected output is increasing descriptor counts followed by an `EMFILE` failure, for example:\n\n```text\niter 0 fds 7\niter 50 fds 57\niter 100 fds 107\n...\npanic: iteration 248: open schema/v1.0/testdata/valid-example.yaml: too many open files\n```\n\nThe exact initial descriptor count and failing iteration can vary by OS and process state.\n\n### Impact\n\nThis is a file descriptor resource leak leading to availability loss. Applications that call `schema.ParseFile` repeatedly, especially through a runtime reload or request-controlled path, can exhaust their process file descriptor table and fail subsequent file, socket, or other descriptor operations. Impact is limited to denial of service of the consuming process; the evidence does not show confidentiality or integrity impact.",
  "id": "GHSA-995v-fvrw-c78m",
  "modified": "2026-07-15T21:49:11Z",
  "published": "2026-05-28T17:19:10Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-995v-fvrw-c78m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45287"
    },
    {
      "type": "WEB",
      "url": "https://github.com/open-telemetry/opentelemetry-go/commit/e72a235518cb773137efd80336a179028bc34684"
    },
    {
      "type": "WEB",
      "url": "https://github.com/open-telemetry/opentelemetry-go/commit/f12d198f161b61735d65705248715aa97021ba8d"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/open-telemetry/opentelemetry-go"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "opentelemetry-go\u0027s Schema ParseFile leaks file descriptors on each parse"
}

GHSA-9F3X-V4X9-4G32

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2022-05-13 01:47
VLAI
Details

The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_in_section in objdump.c can resolve this.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-8421"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-02T17:59:00Z",
    "severity": "HIGH"
  },
  "details": "The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_in_section in objdump.c can resolve this.",
  "id": "GHSA-9f3x-v4x9-4g32",
  "modified": "2022-05-13T01:47:31Z",
  "published": "2022-05-13T01:47:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8421"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201709-02"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21440"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9F6G-GW86-9Q96

Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43
VLAI
Details

In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-13683"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-23T20:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code.",
  "id": "GHSA-9f6g-gw86-9q96",
  "modified": "2022-05-13T01:43:12Z",
  "published": "2022-05-13T01:43:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13683"
    },
    {
      "type": "WEB",
      "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171009_00"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101498"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FC9-PCC6-HCPV

Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27
VLAI
Details

In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-18226"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-12T06:29:00Z",
    "severity": "HIGH"
  },
  "details": "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.",
  "id": "GHSA-9fc9-pcc6-hcpv",
  "modified": "2022-05-13T01:27:50Z",
  "published": "2022-05-13T01:27:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18226"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6e920ddc3cad2886ef07ca1a8e50e2a5c50986f7"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4359"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2018-48.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105583"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041909"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FF5-HGVP-C8P4

Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2022-05-13 01:42
VLAI
Details

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-11531"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-23T03:29:00Z",
    "severity": "MODERATE"
  },
  "details": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.",
  "id": "GHSA-9ff5-hgvp-c8p4",
  "modified": "2022-05-13T01:42:24Z",
  "published": "2022-05-13T01:42:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11531"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/issues/566"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99998"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FM9-HP7P-53MF

Vulnerability from github – Published: 2025-05-28 12:30 – Updated: 2026-01-29 02:35
VLAI
Summary
Hackney fails to properly release HTTP connections to the pool
Details

Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Hex",
        "name": "hackney"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-3864"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-28T16:08:47Z",
    "nvd_published_at": "2025-05-28T12:15:19Z",
    "severity": "LOW"
  },
  "details": "Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library.\nFix for this issue has been included in\u00a01.24.0 release.",
  "id": "GHSA-9fm9-hp7p-53mf",
  "modified": "2026-01-29T02:35:55Z",
  "published": "2025-05-28T12:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3864"
    },
    {
      "type": "WEB",
      "url": "https://github.com/benoitc/hackney/issues/717"
    },
    {
      "type": "WEB",
      "url": "https://github.com/benoitc/hackney/commit/8f13ddac50d1626f8b9a47a08bd599e4efe1773d"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2025/05/CVE-2025-3864"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/benoitc/hackney"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Hackney fails to properly release HTTP connections to the pool"
}

GHSA-9JQM-GVWX-9WXQ

Vulnerability from github – Published: 2022-05-01 18:20 – Updated: 2024-02-08 21:30
VLAI
Details

The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of calls that do not complete a 3-way handshake, which causes an ast_channel to be allocated but not released.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2007-4103"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-07-31T10:17:00Z",
    "severity": "HIGH"
  },
  "details": "The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of calls that do not complete a 3-way handshake, which causes an ast_channel to be allocated but not released.",
  "id": "GHSA-9jqm-gvwx-9wxq",
  "modified": "2024-02-08T21:30:31Z",
  "published": "2022-05-01T18:20:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4103"
    },
    {
      "type": "WEB",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
    },
    {
      "type": "WEB",
      "url": "http://ftp.digium.com/pub/asa/ASA-2007-018.pdf"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/38197"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26274"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29051"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/2960"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/475069/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24950"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018472"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2701"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9PH3-V2VH-3QX7

Vulnerability from github – Published: 2024-04-02 09:30 – Updated: 2026-02-27 20:57
VLAI
Summary
Eclipse Vert.x vulnerable to a memory leak in TCP servers
Details

A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.vertx:vertx-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.4"
            },
            {
              "fixed": "4.4.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.vertx:vertx-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.5.0"
            },
            {
              "fixed": "4.5.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-1300"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-772"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-02T16:15:47Z",
    "nvd_published_at": "2024-04-02T08:15:53Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.",
  "id": "GHSA-9ph3-v2vh-3qx7",
  "modified": "2026-02-27T20:57:55Z",
  "published": "2024-04-02T09:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300"
    },
    {
      "type": "WEB",
      "url": "https://github.com/eclipse-vertx/vert.x/pull/5101"
    },
    {
      "type": "WEB",
      "url": "https://github.com/eclipse-vertx/vert.x/pull/5100"
    },
    {
      "type": "WEB",
      "url": "https://github.com/eclipse-vertx/vert.x/pull/5099"
    },
    {
      "type": "WEB",
      "url": "https://github.com/eclipse-vertx/vert.x/commit/7ad34ea9d78f85e26b231ee3ec8d492d10046479"
    },
    {
      "type": "WEB",
      "url": "https://github.com/eclipse-vertx/vert.x/commit/3d9235cadf44df39a70dc75bddfe0b8fcbd6a683"
    },
    {
      "type": "WEB",
      "url": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni."
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/eclipse-vertx/vert.x"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-1300"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:4884"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:3989"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:3527"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:2833"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:2088"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1923"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1706"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1662"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Eclipse Vert.x vulnerable to a memory leak in TCP servers"
}

GHSA-9QHM-PG8G-WQH2

Vulnerability from github – Published: 2022-05-13 01:40 – Updated: 2022-05-13 01:40
VLAI
Details

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36531046.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-0813"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-04T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36531046.",
  "id": "GHSA-9qhm-pg8g-wqh2",
  "modified": "2022-05-13T01:40:46Z",
  "published": "2022-05-13T01:40:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0813"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/frameworks/av/+/7fa3f552a6f34ed05c15e64ea30b8eed53f77a41"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2017-10-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101151"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9R29-9QMJ-8M4X

Vulnerability from github – Published: 2022-09-13 00:00 – Updated: 2022-09-16 00:00
VLAI
Details

Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-31222"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-12T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash.",
  "id": "GHSA-9r29-9qmj-8m4x",
  "modified": "2022-09-16T00:00:30Z",
  "published": "2022-09-13T00:00:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31222"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/000202196"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, languages such as Java, Ruby, and Lisp perform automatic garbage collection that releases memory for objects that have been deallocated.
Mitigation
Implementation

It is good practice to be responsible for freeing all resources you allocate and to be consistent with how and where you free resources in a function. If you allocate resources that you intend to free upon completion of the function, you must be sure to free the resources at all exit points for that function including error conditions.

Mitigation MIT-47
Operation Architecture and Design

Strategy: Resource Limitation

  • Use resource-limiting settings provided by the operating system or environment. For example, when managing system resources in POSIX, setrlimit() can be used to set limits for certain types of resources, and getrlimit() can determine how many resources are available. However, these functions are not available on all operating systems.
  • When the current levels get close to the maximum that is defined for the application (see CWE-770), then limit the allocation of further resources to privileged users; alternately, begin releasing resources for less-privileged users. While this mitigation may protect the system from attack, it will not necessarily stop attackers from adversely impacting other users.
  • Ensure that the application performs the appropriate error checks and error handling in case resources become unavailable (CWE-703).
CAPEC-469: HTTP DoS

An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial of service attack requires substantially fewer packets to be sent which makes DoS harder to detect. This is an equivalent of SYN flood in HTTP. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server will wait to attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.