### Impact A large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is being read into memory which could allow an attacker to send a r ...
Continue Reading
July 11, 2022
Greetings. I have found a read-beyond-bounds bug in lua_websocket_readbytes() that permits an attacker to exfiltrate a controllable amount of heap data if the victim site runs a suitable LUA program. ...
Continue Reading
July 09, 2022
Node.js reports: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)(CVE-2022-32213) The llhttp parser in the http module does not correctly parse and validate Transfer-Encodin ...
Continue Reading
July 08, 2022
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...
Continue Reading
July 07, 2022
Tiny WebSocket library for Go.Read More ...
Continue Reading
July 04, 2022
# Description Admin can add a member to his personal collection .But if admin removed that user from this collection then that user still can see realtime document update content. # Proof of Concept ...
Continue Reading
July 04, 2022
The AuthenticateMethod authentication hook is not called for WebSocket connections, allowing unauthenticated access. This issue only affects WebSockets with an AuthenticateMethod hook. Request handler ...
Continue Reading
July 01, 2022
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 6.4.24 serve ...
Continue Reading
July 01, 2022
Back to Main
