CVE-2021-32699

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-32699

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32699.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-32699

Aliases

Related

GHSA-jj6m-r8jc-2gp7

Published

2021-06-22T20:15:08.560Z

Modified

2026-03-13T21:59:47.796580Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Wings is the control plane software for the open source Pterodactyl game management system. All versions of Pterodactyl Wings prior to 1.4.4 are vulnerable to system resource exhaustion due to improper container process limits being defined. A malicious user can consume more resources than intended and cause downstream impacts to other clients on the same hardware, eventually causing the physical server to stop responding. Users should upgrade to 1.4.4 to mitigate the issue. There is no non-code based workaround for impacted versions of the software. Users running customized versions of this software can manually set a PID limit for containers created.

References

Affected packages

Git / github.com/pterodactyl/wings

Affected ranges

Type

GIT

Repo

https://github.com/pterodactyl/wings

Events

Introduced

Fixed

08a7ccd175eae5ce8eafb6b08eedee396334727e

Fixed

e0078eee0a71d61573a94c75e6efcad069d78de3

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.4.4"
        }
    ]
}

Affected versions

v1.*

v1.0.0

v1.0.0-beta.9

v1.0.0-rc.1

v1.0.0-rc.2

v1.0.0-rc.3

v1.0.0-rc.4

v1.0.0-rc.5

v1.0.0-rc.6

v1.0.0-rc.7

v1.0.1

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.2

v1.4.0

v1.4.1

v1.4.2

v1.4.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32699.json"