QID 980390
QID 980390: Go (go) Security Update for github.com/pterodactyl/wings (GHSA-jj6m-r8jc-2gp7)
Security update has been released for github.com/pterodactyl/wings to fix the vulnerability.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
All versions of Pterodactyl Wings preior to `1.4.4` are vulnerable to system resource exhaustion due to improper container process limits being defined. A malicious user can consume more resources than intended and cause downstream impacts to other clients on the same hardware, eventually causing the physical server to stop responding.
Solution
Users should upgrade to `1.4.4`.Workaround:
There is no non-code based workaround for impacted versions of the software. Users running customized versions of this software can manually set a PID limit for containers created.
There is no non-code based workaround for impacted versions of the software. Users running customized versions of this software can manually set a PID limit for containers created.
Vendor References
- GHSA-jj6m-r8jc-2gp7 -
github.com/advisories/GHSA-jj6m-r8jc-2gp7
CVEs related to QID 980390
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| GHSA-jj6m-r8jc-2gp7 | github.com/pterodactyl/wings |
|