CNNVD-202601-3013 Information

CNNVD ID

CNNVD-202601-3013

CVE-2025-69198

  • CNNVD Published: 2026-01-19

Description

Pterodactyl Panel is a free, open-source game server management panel from Pterodactyl. Versions of Pterodactyl Panel before 1.12.0 contain a security vulnerability. It stems from resource limit validation being performed early in the request cycle without locking the target resource during processing. A malicious user may send a large number of concurrent requests to create resources beyond their allocation, resulting in denial of resources or excessive consumption of node allocations and backup space.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

Pterodactyl

Published

2026-01-19

Last Modified

2026-02-24

References

  • https://github.com/pterodactyl/panel/commit/09caa0d4995bd924b53b9a9e9b4883ac27bd5607
  • https://github.com/pterodactyl/panel/security/advisories/GHSA-jw2v-cq5x-q68g
  • https://access.redhat.com/security/cve/cve-2025-69198

Patch

https://github.com/pterodactyl/panel/releases
