openhands-agent-server is vulnerable to Uncontrolled Resource Consumption
35
Low Risk
The agent server registers every WebSocket client that connects to a conversation's event or bash-event stream as a PubSub subscriber with no upper limit. A client that can reach these WebSocket endpoints can open many concurrent connections to the same conversation, each adding a subscriber that receives every published event. The unbounded subscriber set lets a single conversation accumulate connections and event fan-out work until the server exhausts memory and processing capacity. The fix caps the per-conversation subscriber count and rejects additional connections by closing them with WebSocket code 1013.
You are affected if you are using a version that falls within the vulnerable range and expose the conversation or bash-event WebSocket endpoints to clients that can open many concurrent connections (unauthenticated when session API keys are not configured, or authenticated when they are).
openhands-agent-server is vulnerable to Uncontrolled Resource Consumption in versions 1.0.0 - 1.22.0.
Upgrade the openhands-agent-server library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant