CWE-774 - Allocation of File Descriptors or Handles Without Limits or Throttling

CWE ID:

CWE-774

Low

Abstraction:Variant
Structure:Simple
Status:Incomplete

Release Date:2009-05-27
Latest Modification Date:2023-06-29

Weakness Name

Allocation of File Descriptors or Handles Without Limits or Throttling

Description

The product allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor.

This can cause the product to consume all available file descriptors or handles, which can prevent other processes from performing critical file processing operations.

Common Consequences

Scope: Availability

Impact: DoS: Resource Consumption (Other)

Notes: When allocating resources without limits, an attacker could prevent all other processes from accessing the same type of resource.

Related Weaknesses

CWE-770Allocation of Resources Without Limits or ThrottlingHigh

Top Security News

Top CVE List

Common Alerts

LowX-AspNet-Version Response Header
MediumApplication Error Disclosure via WebSockets
HighExpression Language Injection
InformationalCharset Mismatch
InformationalBase64 Disclosure in WebSocket message
LowStrict-Transport-Security Header Not Set
LowX-Content-Type-Options Header Missing
LowStrict-Transport-Security Multiple Header Entries (Non-compliant with Spec)
InformationalInformation Disclosure - Information in Browser sessionStorage
HighHttpoxy - Proxy Header Misuse

Common CWEs