CWE-769
DEPRECATED: Uncontrolled File Descriptor Consumption
Description
This entry has been deprecated because it was a duplicate of CWE-774. All content has been transferred to CWE-774.
CVEs mapped to this weakness (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0358 | Hig | 0.49 | 7.5 | 0.03 | Jun 21, 2018 | A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to exhaustion of file descriptors while… | ||
| CVE-2017-8452 | Hig | 0.49 | 7.5 | 0.01 | Jun 16, 2017 | Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes. | ||
| CVE-2017-1000098 | Hig | 0.42 | 7.5 | 0.02 | Oct 5, 2017 | The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given "maxMemory" limit. It was possible for an attacker to generate a multipart request crafted such that the server ran out of file descriptors. | ||
| CVE-2025-4001 | Low | 0.14 | 3.3 | 0.00 | Apr 28, 2025 | A vulnerability has been found in scipopt scip up to 9.2.1 and classified as problematic. Affected by this vulnerability is the function main of the file examples/LOP/src/genRandomLOPInstance.c of the component File Descriptor Handler. The manipulation of the argument File leads… |
- risk 0.49cvss 7.5epss 0.03
A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to exhaustion of file descriptors while…
- risk 0.49cvss 7.5epss 0.01
Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.
- risk 0.42cvss 7.5epss 0.02
The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given "maxMemory" limit. It was possible for an attacker to generate a multipart request crafted such that the server ran out of file descriptors.
- risk 0.14cvss 3.3epss 0.00
A vulnerability has been found in scipopt scip up to 9.2.1 and classified as problematic. Affected by this vulnerability is the function main of the file examples/LOP/src/genRandomLOPInstance.c of the component File Descriptor Handler. The manipulation of the argument File leads…