Improper Resource Management

Dragonfly is vulnerable to Improper Resource Management. The vulnerability is due to the processPieceFromSource method failing to update the usedTraffic field because of an uninitialized variable, which allows an attacker to exploit incorrect rate limiting and cause a denial-of-service condition...

SUSE CVE-2025-59348

Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the processPieceFromSource method does not update the structure's usedTraffic field, because an uninitialized variable n is used as a guard to the AddTraffic method call, instead of the...

CVE-2025-59348

Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the processPieceFromSource method does not update the structure’s usedTraffic field, because an uninitialized variable n is used as a guard to the AddTraffic method call, instead of the...

CVE-2025-59348

Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the processPieceFromSource method does not update the structure’s usedTraffic field, because an uninitialized variable n is used as a guard to the AddTraffic method call, instead of the...

Dragonfly incorrectly handles a task structure’s usedTrac field

Impact The processPieceFromSource method figure 4.1 is part of a task processing mechanism. The method writes pieces of data to storage, updating a Task structure along the way. The method does not update the structure’s usedTraffic field, because an uninitialized variable n is used as a guard to...

GHSA-2QGR-GFVJ-QPCR Dragonfly incorrectly handles a task structure’s usedTrac field

Impact The processPieceFromSource method figure 4.1 is part of a task processing mechanism. The method writes pieces of data to storage, updating a Task structure along the way. The method does not update the structure’s usedTraffic field, because an uninitialized variable n is used as a guard to...

CVE-2025-59348 Dragonfly incorrectly handles a task structure’s usedTraffic field

Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the processPieceFromSource method does not update the structure’s usedTraffic field, because an uninitialized variable n is used as a guard to the AddTraffic method call, instead of the...

CVE-2025-59348

CVE-2025-59348 affects Dragonfly, an open-source P2P file distribution and image acceleration system. The vulnerability lies in the processPieceFromSource method, where an uninitialized variable n is used as a guard for the AddTraffic call instead of the actual result.Size, causing the structure’...

Dragonfly 安全漏洞

Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0, which stems from an uninitialized variable n being used as a protection condition for an AddTraffic method call, resulti...

PT-2025-38259

Name of the Vulnerable Software and Affected Versions Dragonfly versions prior to 2.1.0 Description The processPieceFromSource method in Dragonfly does not correctly update the usedTraffic field within the Task structure due to the use of an uninitialized variable n instead of result.Size when...