Ran latest scan and landed with this issue - CWE-400 | Uncontrolled resource consumption The NPM package "braces" fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In "lib/parse.js," if a malicious user sends "imbalanced braces" as input, the ...
用Wukong(悟空)软件代码安全检测修复系统检测上述程序代码,则可以发现代码中存在着“不受控制的资源消耗” 导致的代码缺陷,如下图: 不受控制的资源消耗缺陷在CWE中被编号为CWE-400:Uncontrolled Resource Consumption 更多的信息请参考CWE官网: http://cwe.mitre.org/data/definitions/400.html 了解更多安全资讯 请关注...
该栏目为中科天齐全新规划的悟空云课堂,每周五下午18:00准时上线,旨在科普软件安全相关知识,助力企业有效防范软件安全漏洞,提升网络安全防护能力。 悟空云课堂 | 第三十二期:不受控制的资源消耗(CWE-400:Uncontrolled Resource Consumption) 01 什么是不受控制... ...
Technical Impact: DoS: Crash, Exit, or Restart; DoS: Resource Consumption (CPU); DoS: Resource Consumption (Memory); DoS: Resource Consumption (Other) The most common result of resource exhaustion is denial of service. The software may slow down, crash due to unhandled errors, or lock out ...
Uncontrolled Resource Consumption ('Resource Exhaustion') Weakness ID: 400 (Weakness Base) Status: Incomplete Description Description Summary The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more ...