CVE-2024-53858: Loop First Item Size Limit Bypass
greprules fetch cve-2024-53858-loop-first-item-size-limit-bypass --engine opengrep
Description
A size or resource limit check inside a loop is bypassed for the first iteration using a condition like `&& count > 0` or `&& fetched > 0`. An attacker can exploit this by ensuring the first processed item is exceptionally large, completely bypassing the intended maximum size constraint and causing uncontrolled resource consumption (DoS). Remove the counter
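The pattern described above, next to a version that enforces the limit on every iteration. This is an added example, not code from the rule or from any affected project; the function names, the 1024-byte limit and the sample inputs are constructed for illustration.

```javascript
// Added example: hypothetical batch collector with a byte budget.
const MAX_BATCH_BYTES = 1024; // assumed limit for the demo

// Constructed inputs: one batch whose first item is oversized, one normal batch.
const OVERSIZED_FIRST = [new Uint8Array(4096), new Uint8Array(100)];
const NORMAL = [new Uint8Array(400), new Uint8Array(400), new Uint8Array(400)];

// Vulnerable: `&& fetched > 0` exempts the first item from the size check,
// so a single huge first item is accepted no matter what the limit is.
function collectBatchVulnerable(items, maxBytes = MAX_BATCH_BYTES) {
  const batch = [];
  let total = 0;
  let fetched = 0;
  for (const item of items) {
    if (total + item.length > maxBytes && fetched > 0) break;
    batch.push(item);
    total += item.length;
    fetched++;
  }
  return { batch, total };
}

// Hardened: the counter is gone, so the limit applies to every iteration.
// An item that can never fit is rejected explicitly (a choice made in this
// example) so the caller does not stall on it or silently accept it.
function collectBatchHardened(items, maxBytes = MAX_BATCH_BYTES) {
  const batch = [];
  let total = 0;
  for (const item of items) {
    if (item.length > maxBytes) {
      throw new RangeError(`item of ${item.length} bytes exceeds limit ${maxBytes}`);
    }
    if (total + item.length > maxBytes) break;
    batch.push(item);
    total += item.length;
  }
  return { batch, total };
}
```

Both functions return the same result for well-formed input; they differ only when the first item alone exceeds the budget.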