A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address ...
Continue Reading
August 03, 2022
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 is a ...
Continue Reading
August 03, 2022
An update that fixes one vulnerability is now available. Description: This update for python-jupyterlab fixes the following issues: Update to 2.2.10: * Remove `form` tags' `action` attribute ...
Continue Reading
August 02, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading
August 01, 2022
Tiny WebSocket library for Go.Read More ...
Continue Reading
July 30, 2022
Websocket client connections are vulnerable to man-in-the-middle attacks via DNS spoofing. When looking up a WSS endpoint using a DNS TXT record, the server TLS certificate is incorrectly validated u ...
Continue Reading
July 29, 2022
Buffer leak on incoming WebSocket PONG message(s) in Undertow before 2.0.40 and 2.2.10 can lead to memory exhaustion and allow a denial of service.Read More ...
Continue Reading
July 18, 2022
Tiny WebSocket library for Go.Read More ...
Continue Reading
July 17, 2022
Back to Main
