Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
thread-amount is Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
Vulnerability Description
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the thread_amount function calls CreateToolhelp32Snapshot but fails to close the returned HANDLE using CloseHandle. Repeated calls to this function will cause the handle count of the process to grow indefinitely, eventually leading to system instability or process termination when the handle limit is reached. In Apple platforms, the thread_amount function calls task_threads (via Mach kernel APIs) which allocates memory for the thread list. The function fails to deallocate this memory using vm_deallocate. Repeated calls will result in a steady memory leak, eventually causing the process to be killed by the OOM (Out of Memory) killer. This issue has been patched in version 0.2.2.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
thread-amount 安全漏洞
Vulnerability Description
thread-amount是jez个人开发者的一个获取当前进程中的线程数量的工具。 thread-amount 0.2.2之前版本存在安全漏洞,该漏洞源于资源泄漏,可能导致系统不稳定或进程终止。
CVSS Information
N/A
Vulnerability Type
N/A