In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the ser ...
Continue Reading
October 13, 2022
lighttpd is vulnerable to denial of service. The vulnerability exists due to a lack of initialization when an invalide HTTP request (websocket handshake) leading to a null pointer dereference allowing ...
Continue Reading
October 06, 2022
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3133 advisory. - In lighttpd 1.4.65, mod_wstunnel does not initialize a handler functio ...
Continue Reading
October 05, 2022
An invalid HTTP request (websocket handshake) may cause a `NULL` pointer dereference in the wstunnel module. For Debian 10 buster, this problem has been fixed in version 1.4.53-4+deb10u3. We recommend ...
Continue Reading
October 03, 2022
The version of Node.js installed on the remote host is prior to 14.20.0, 16.16.0, 18.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the July 7th 2022 Security Releases ad ...
Continue Reading
October 03, 2022
------------------------------------------------------------------------- Debian LTS Advisory DLA-3133-1 [email protected] https://www.debian.org/lts/security/ ...
Continue Reading
October 03, 2022
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10132-1 advisory. - In lighttpd 1.4.65, mod_wstunnel does not init ...
Continue Reading
September 30, 2022
## Summary A vulnerability in Apache Tomcat affects the product's management GUI. The Command Line Interface is unaffected. ## Vulnerability Details **CVEID: **[CVE-2022-25762]() **DESCRIPTION: **Apac ...
Continue Reading
September 30, 2022
Back to Main
