CVE-2021-32699

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-32699

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32699.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-32699

Aliases

Related

GHSA-jj6m-r8jc-2gp7

Published

2021-06-22T20:15:08Z

Modified

2025-01-15T01:54:26.813831Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Wings is the control plane software for the open source Pterodactyl game management system. All versions of Pterodactyl Wings prior to 1.4.4 are vulnerable to system resource exhaustion due to improper container process limits being defined. A malicious user can consume more resources than intended and cause downstream impacts to other clients on the same hardware, eventually causing the physical server to stop responding. Users should upgrade to 1.4.4 to mitigate the issue. There is no non-code based workaround for impacted versions of the software. Users running customized versions of this software can manually set a PID limit for containers created.

References

Affected packages

Git / github.com/pterodactyl/wings

Affected ranges

Type: GIT
Repo: https://github.com/pterodactyl/wings
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e0078eee0a71d61573a94c75e6efcad069d78de3

Fixed

e0078eee0a71d61573a94c75e6efcad069d78de3

Affected versions

v1.*

v1.0.0

v1.0.0-beta.9

v1.0.0-rc.1

v1.0.0-rc.2

v1.0.0-rc.3

v1.0.0-rc.4

v1.0.0-rc.5

v1.0.0-rc.6

v1.0.0-rc.7

v1.0.1

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.2

v1.4.0

v1.4.1

v1.4.2

v1.4.3