Vulnerabilities > Allocation of Resources Without Limits or Throttling
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-16 | CVE-2023-0568 | Allocation of Resources Without Limits or Throttling vulnerability in PHP In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. | 8.1 |
2023-02-15 | CVE-2023-25171 | Allocation of Resources Without Limits or Throttling vulnerability in Kiwitcms Kiwi Tcms Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. | 5.9 |
2023-02-15 | CVE-2023-25578 | Allocation of Resources Without Limits or Throttling vulnerability in Starliteproject Starlite Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. | 7.5 |
2023-02-14 | CVE-2023-25577 | Allocation of Resources Without Limits or Throttling vulnerability in Palletsprojects Werkzeug Werkzeug is a comprehensive WSGI web application library. | 7.5 |
2023-02-14 | CVE-2023-25576 | Allocation of Resources Without Limits or Throttling vulnerability in Fastify Fastify-Multipart @fastify/multipart is a Fastify plugin to parse the multipart content-type. | 7.5 |
2023-02-04 | CVE-2023-25193 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. | 7.5 |
2023-02-01 | CVE-2023-23969 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. | 7.5 |
2023-02-01 | CVE-2023-22323 | Allocation of Resources Without Limits or Throttling vulnerability in F5 products In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when an OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. | 7.5 |
2023-02-01 | CVE-2023-23846 | Allocation of Resources Without Limits or Throttling vulnerability in Open5Gs Due to insufficient length validation in the Open5GS GTP library in versions prior to 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GTPv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop. | 7.5 |
2023-01-27 | CVE-2023-22740 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open source platform for community discussion. | 6.5 |