Denial Of Service (DoS)

lighttpd is vulnerable to denial of service. The vulnerability exists due to a lack of initialization when an invalide HTTP request (websocket handshake) leading to a null pointer dereference allowing ...

Continue Reading

CVSS3 - HIGH

Debian DLA-3133-1 : lighttpd – LTS security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3133 advisory. - In lighttpd 1.4.65, mod_wstunnel does not initialize a handler functio ...

Continue Reading
lighttpd – security update

An invalid HTTP request (websocket handshake) may cause a `NULL` pointer dereference in the wstunnel module. For Debian 10 buster, this problem has been fixed in version 1.4.53-4+deb10u3. We recommend ...

Continue Reading

CVSS3 - HIGH

Node.js 14.x < 14.20.0 / 16.x < 16.16.0 / 18.x < 18.5.0 Multiple Vulnerabilities (July 7th 2022 Security Releases).

The version of Node.js installed on the remote host is prior to 14.20.0, 16.16.0, 18.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the July 7th 2022 Security Releases ad ...

Continue Reading
[SECURITY] [DLA 3133-1] lighttpd security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3133-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ ...

Continue Reading

CVSS3 - HIGH

openSUSE 15 Security Update : lighttpd (openSUSE-SU-2022:10132-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10132-1 advisory. - In lighttpd 1.4.65, mod_wstunnel does not init ...

Continue Reading
Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

## Summary A vulnerability in Apache Tomcat affects the product's management GUI. The Command Line Interface is unaffected. ## Vulnerability Details **CVEID: **[CVE-2022-25762]() **DESCRIPTION: **Apac ...

Continue Reading

CVSS3 - HIGH

CVSS2 - HIGH

Debian DSA-5243-1 : lighttpd – security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5243 advisory. - In lighttpd 1.4.65, mod_wstunnel does not initialize a handle ...

Continue Reading

Back to Main

Subscribe for the latest news:
Generated by Feedzy