Fluid Attacks Database

Description

Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') due to the session cache entering an incorrect state and failing to flush properly as it fills, leading to uncontrolled memory consumption.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.17	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| =1.1.1l-r0 \|\| =3.0.0-r0 \|\| =3.0.0-r1 \|\| =3.0.0-r2 \|\| =3.0.0-r3 \|\| =3.0.0-r4 \|\| =3.0.1-r0 \|\| =3.0.1-r1 \|\| =3.0.10-r0 \|\| =3.0.11-r0 \|\| =3.0.12-r0 \|\| =3.0.12-r1 \|\| =3.0.12-r2 \|\| =3.0.12-r3 \|\| =3.0.12-r4 \|\| =3.0.2-r0 \|\| =3.0.3-r0 \|\| =3.0.5-r0 \|\| =3.0.5-r1 \|\| =3.0.5-r2 \|\| =3.0.5-r3 \|\| =3.0.6-r0 \|\| =3.0.7-r0 \|\| =3.0.7-r2 \|\| =3.0.8-r0 \|\| =3.0.8-r1 \|\| =3.0.8-r2 \|\| =3.0.8-r3 \|\| =3.0.8-r4 \|\| =3.0.9-r0 \|\| =3.0.9-r1 \|\| =3.0.9-r2 \|\| =3.0.9-r3 \|\| >=0 <3.0.12-r5	3.0.12-r5
alpine v3.18	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| =1.1.1l-r0 \|\| =3.0.0-r0 \|\| =3.0.0-r1 \|\| =3.0.0-r2 \|\| =3.0.0-r3 \|\| =3.0.0-r4 \|\| =3.0.1-r0 \|\| =3.0.1-r1 \|\| =3.0.2-r0 \|\| =3.0.3-r0 \|\| =3.0.5-r0 \|\| =3.0.5-r1 \|\| =3.0.5-r2 \|\| =3.0.5-r3 \|\| =3.0.6-r0 \|\| =3.0.7-r0 \|\| =3.0.7-r1 \|\| =3.0.7-r2 \|\| =3.0.8-r0 \|\| =3.0.8-r1 \|\| =3.1.0-r0 \|\| =3.1.0-r1 \|\| =3.1.0-r2 \|\| =3.1.0-r3 \|\| =3.1.0-r4 \|\| =3.1.1-r0 \|\| =3.1.1-r1 \|\| =3.1.1-r2 \|\| =3.1.1-r3 \|\| =3.1.2-r0 \|\| =3.1.3-r0 \|\| =3.1.4-r0 \|\| =3.1.4-r1 \|\| =3.1.4-r2 \|\| =3.1.4-r3 \|\| =3.1.4-r4 \|\| =3.1.4-r5 \|\| >=0 <3.1.4-r6	3.1.4-r6
alpine v3.19	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| =1.1.1l-r0 \|\| =3.0.0-r0 \|\| =3.0.0-r1 \|\| =3.0.0-r2 \|\| =3.0.0-r3 \|\| =3.0.0-r4 \|\| =3.0.1-r0 \|\| =3.0.1-r1 \|\| =3.0.2-r0 \|\| =3.0.3-r0 \|\| =3.0.5-r0 \|\| =3.0.5-r1 \|\| =3.0.5-r2 \|\| =3.0.5-r3 \|\| =3.0.6-r0 \|\| =3.0.7-r0 \|\| =3.0.7-r1 \|\| =3.0.7-r2 \|\| =3.0.8-r0 \|\| =3.0.8-r1 \|\| =3.1.0-r0 \|\| =3.1.0-r1 \|\| =3.1.0-r2 \|\| =3.1.0-r3 \|\| =3.1.0-r4 \|\| =3.1.0-r5 \|\| =3.1.1-r0 \|\| =3.1.1-r1 \|\| =3.1.1-r2 \|\| =3.1.1-r3 \|\| =3.1.2-r0 \|\| =3.1.3-r0 \|\| =3.1.4-r0 \|\| =3.1.4-r1 \|\| =3.1.4-r2 \|\| =3.1.4-r3 \|\| =3.1.4-r4 \|\| =3.1.4-r5 \|\| >=0 <3.1.4-r6	3.1.4-r6
alpine v3.20	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| =1.1.1l-r0 \|\| =3.0.0-r0 \|\| =3.0.0-r1 \|\| =3.0.0-r2 \|\| =3.0.0-r3 \|\| =3.0.0-r4 \|\| =3.0.1-r0 \|\| =3.0.1-r1 \|\| =3.0.2-r0 \|\| =3.0.3-r0 \|\| =3.0.5-r0 \|\| =3.0.5-r1 \|\| =3.0.5-r2 \|\| =3.0.5-r3 \|\| =3.0.6-r0 \|\| =3.0.7-r0 \|\| =3.0.7-r1 \|\| =3.0.7-r2 \|\| =3.0.8-r0 \|\| =3.0.8-r1 \|\| =3.1.0-r0 \|\| =3.1.0-r1 \|\| =3.1.0-r2 \|\| =3.1.0-r3 \|\| =3.1.0-r4 \|\| =3.1.0-r5 \|\| =3.1.1-r0 \|\| =3.1.1-r1 \|\| =3.1.1-r2 \|\| =3.1.1-r3 \|\| =3.1.2-r0 \|\| =3.1.3-r0 \|\| =3.1.4-r0 \|\| =3.1.4-r1 \|\| =3.1.4-r2 \|\| =3.1.4-r3 \|\| =3.1.4-r4 \|\| =3.1.4-r5 \|\| =3.1.5-r5 \|\| =3.2.1-r0 \|\| =3.2.1-r1 \|\| >=0 <3.2.1-r2	3.2.1-r2
alpine v3.21	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| =1.1.1l-r0 \|\| =3.0.0-r0 \|\| =3.0.0-r1 \|\| =3.0.0-r2 \|\| =3.0.0-r3 \|\| =3.0.0-r4 \|\| =3.0.1-r0 \|\| =3.0.1-r1 \|\| =3.0.2-r0 \|\| =3.0.3-r0 \|\| =3.0.5-r0 \|\| =3.0.5-r1 \|\| =3.0.5-r2 \|\| =3.0.5-r3 \|\| =3.0.6-r0 \|\| =3.0.7-r0 \|\| =3.0.7-r1 \|\| =3.0.7-r2 \|\| =3.0.8-r0 \|\| =3.0.8-r1 \|\| =3.1.0-r0 \|\| =3.1.0-r1 \|\| =3.1.0-r2 \|\| =3.1.0-r3 \|\| =3.1.0-r4 \|\| =3.1.0-r5 \|\| =3.1.1-r0 \|\| =3.1.1-r1 \|\| =3.1.1-r2 \|\| =3.1.1-r3 \|\| =3.1.2-r0 \|\| =3.1.3-r0 \|\| =3.1.4-r0 \|\| =3.1.4-r1 \|\| =3.1.4-r2 \|\| =3.1.4-r3 \|\| =3.1.4-r4 \|\| =3.1.4-r5 \|\| =3.1.5-r5 \|\| =3.2.1-r0 \|\| =3.2.1-r1 \|\| >=0 <3.2.1-r2	3.2.1-r2
alpine v3.22	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| =1.1.1l-r0 \|\| =3.0.0-r0 \|\| =3.0.0-r1 \|\| =3.0.0-r2 \|\| =3.0.0-r3 \|\| =3.0.0-r4 \|\| =3.0.1-r0 \|\| =3.0.1-r1 \|\| =3.0.2-r0 \|\| =3.0.3-r0 \|\| =3.0.5-r0 \|\| =3.0.5-r1 \|\| =3.0.5-r2 \|\| =3.0.5-r3 \|\| =3.0.6-r0 \|\| =3.0.7-r0 \|\| =3.0.7-r1 \|\| =3.0.7-r2 \|\| =3.0.8-r0 \|\| =3.0.8-r1 \|\| =3.1.0-r0 \|\| =3.1.0-r1 \|\| =3.1.0-r2 \|\| =3.1.0-r3 \|\| =3.1.0-r4 \|\| =3.1.0-r5 \|\| =3.1.1-r0 \|\| =3.1.1-r1 \|\| =3.1.1-r2 \|\| =3.1.1-r3 \|\| =3.1.2-r0 \|\| =3.1.3-r0 \|\| =3.1.4-r0 \|\| =3.1.4-r1 \|\| =3.1.4-r2 \|\| =3.1.4-r3 \|\| =3.1.4-r4 \|\| =3.1.4-r5 \|\| =3.1.5-r5 \|\| =3.2.1-r0 \|\| =3.2.1-r1 \|\| >=0 <3.2.1-r2	3.2.1-r2
debian 11	openssl	=1.1.1k-1 \|\| =1.1.1k-1+deb11u1 \|\| =1.1.1k-1+deb11u2 \|\| =1.1.1l-1 \|\| =1.1.1m-0+deb11u1 \|\| =1.1.1m-1 \|\| =1.1.1n-0+deb11u1 \|\| =1.1.1n-0+deb11u2 \|\| =1.1.1n-0+deb11u3 \|\| =1.1.1n-0+deb11u4 \|\| =1.1.1n-0+deb11u5 \|\| =1.1.1n-0+deb11u6 \|\| =1.1.1n-1 \|\| =1.1.1o-1 \|\| =1.1.1v-0~deb11u1 \|\| =1.1.1w-0+deb11u1 \|\| =1.1.1w-0~deb11u1 \|\| >=0 <1.1.1w-0+deb11u2	1.1.1w-0+deb11u2
debian 12	openssl	=3.0.10-1 \|\| =3.0.10-1~deb12u1 \|\| =3.0.11-1 \|\| =3.0.11-1~deb12u1 \|\| =3.0.11-1~deb12u2 \|\| =3.0.12-1 \|\| =3.0.12-2 \|\| =3.0.13-1~deb12u1 \|\| =3.0.13-1~deb12u2 \|\| =3.0.9-1 \|\| >=0 <3.0.14-1~deb12u1	3.0.14-1~deb12u1
debian 13	openssl	>=0 <3.2.2-1	3.2.2-1
debian 14	openssl	>=0 <3.2.2-1	3.2.2-1

1-10 of 19

Aliases

1. CVE-2024-25112. NVD-2024-25113. OSV-ALPINE-2024-25114. OSV-2024-25115. OSV-DEBIAN-2024-25116. SECURITY-CVE-2024-25117. SECURITY-TRACKER-CVE-2024-25118. DB-CVE-2024-2511

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.