Undertow vulnerable to memory exhaustion due to buffer leak

Buffer leak on incoming WebSocket PONG message(s) in Undertow before 2.0.40 and 2.2.10 can lead to memory exhaustion and allow a denial of service.

(RHSA-2022:5555) Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.1] security, bug fix and update

The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a co ...

DoS in KubeEdge’s Websocket Client in package Viaduct

Impact: A large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is being read into memory which could allow an attacker to send a r ...

CVE-2022-31080

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, a large response received by ...

Internet Bug Bounty: Controllable read beyond bounds in lua_websocket_readbytes() [zhbug_httpd_126]

Greetings. I have found a read-beyond-bounds bug in lua_websocket_readbytes() that permits an attacker to exfiltrate a controllable amount of heap data if the victim site runs a suitable LUA program. ...

Node.js — July 7th 2022 Security Releases

Node.js reports: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium) (CVE-2022-32213) The llhttp parser in the http module does not correctly parse and validate Transfer-Encodin ...

Apache Tomcat vulnerability CVE-2022-25762

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...
