Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-17 | CVE-2020-0353 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android 11.0 In libmp4extractor, there is a possible resource exhaustion due to a missing bounds check. | 6.5 |
| 2020-09-16 | CVE-2020-10758 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat products A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body. | 7.5 |
| 2020-09-14 | CVE-2020-13306 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 7.5 |
| 2020-09-10 | CVE-2020-15168 | Allocation of Resources Without Limits or Throttling vulnerability in Node-Fetch Project Node-Fetch node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. | 5.3 |
| 2020-08-29 | CVE-2020-3566 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XR 6.4.2 A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. | 8.6 |
| 2020-07-14 | CVE-2020-15100 | Allocation of Resources Without Limits or Throttling vulnerability in Schokokeks Freewvs In freewvs before 0.1.1, a user could create a large file that freewvs will try to read, which will terminate a scan process. | 3.3 |
| 2020-07-06 | CVE-2020-15570 | Allocation of Resources Without Limits or Throttling vulnerability in Whoopsie Project Whoopsie The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file. | 5.5 |
| 2020-07-01 | CVE-2020-12605 | Allocation of Resources Without Limits or Throttling vulnerability in Envoyproxy Envoy Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs. | 7.5 |
| 2020-06-24 | CVE-2020-9494 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread. | 7.5 |
| 2020-06-19 | CVE-2017-18899 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. | 5.3 |