Fleet's unbounded request body read allows remote Denial of Service

Summary Fleet contained multiple unauthenticated HTTP endpoints that read request bodies without enforcing a size limit. An unauthenticated attacker could exploit this behavior by sending large or repeated HTTP payloads, causing excessive memory allocation and resulting in a denial-of-service DoS...

pidusage command injection vulnerability

pidusage is a cross-platform tool for monitoring CPU and memory usage. A command injection vulnerability exists in pidusage 1.1.4 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary commands...