CWE-1176
Inefficient CPU Computation
Common consequences1
- AvailabilityReduce PerformanceDoS: Resource Consumption (CPU)
This issue can make the product perform more slowly, possibly in ways that are noticeable to the users. If an attacker can influence the amount of computation that must be performed, e.g. by triggering worst-case complexity, then this performance problem might introduce a vulnerability.
Relationships1
- ChildOfCWE-405
CVEs referencing this CWE2
| CVE | Description | Severity | EPSS | Flags | Modified |
|---|---|---|---|---|---|
| CVE-2024-23323 | Envoy is a high-performance edge/middle/service proxy. The regex expression is compiled for every request and can result in high CPU usage and increased request latency when multiple routes are configured with such matchers. This issue has been addressed in released 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | MEDIUM5.3 | 0.50%p39 | 2024-11-21 | |
| CVE-2025-46153 | PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True. | MEDIUM5.3 | 0.38%p30 | 2025-10-03 |