An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol ...
February 15, 2023
When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions.
February 15, 2023
### Summary
The request body parsing in `starlite` allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM.

### Details
The multipart body parser processes an unli ...
February 15, 2023
Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1.5.2, the request body parsing in `starlite` allows a potentially unauthenticated attacker to consume a large a ...
February 15, 2023
Argo CD has an output sanitization bug which leaks repository access credentials in error messages. These error messages are visible to the user, and they are logged. The error message is visible when ...
February 15, 2023
OpenSSL is vulnerable to denial of service (DoS). The vulnerability exists because if a recipe cms recipient public key is invalid, the new filter bio is freed and the function returns a NULL result i ...
February 15, 2023