### Impact A large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is being read into memory which could allow an attacker to send a r ...
Continue ReadingJuly 11, 2022
Greetings. I have found a read-beyond-bounds bug in lua_websocket_readbytes() that permits an attacker to exfiltrate a controllable amount of heap data if the victim site runs a suitable LUA program. ...
Continue ReadingJuly 09, 2022
Node.js reports: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)(CVE-2022-32213) The llhttp parser in the http module does not correctly parse and validate Transfer-Encodin ...
Continue ReadingJuly 08, 2022
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...
Continue ReadingJuly 07, 2022
Tiny WebSocket library for Go.Read More ...
Continue ReadingJuly 04, 2022
# Description Admin can add a member to his personal collection .But if admin removed that user from this collection then that user still can see realtime document update content. # Proof of Concept ...
Continue ReadingJuly 04, 2022
The AuthenticateMethod authentication hook is not called for WebSocket connections, allowing unauthenticated access. This issue only affects WebSockets with an AuthenticateMethod hook. Request handler ...
Continue ReadingJuly 01, 2022
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 6.4.24 serve ...
Continue ReadingJuly 01, 2022
Back to Main