36 matches found
Astra Linux - уязвимость в wheel
An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...
CLEANSTART-2026-UC40249 Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-wjrx-6529-hcj3 applied in versions: 0.37.1-r0
Multiple security vulnerabilities affect the atlantis-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-CZ64396 Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-wjrx-6529-hcj3 applied in versions: 0.37.1-r1
Multiple security vulnerabilities affect the atlantis package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-QX63233 Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-wjrx-6529-hcj3 applied in versions: 0.37.1-r1
Multiple security vulnerabilities affect the atlantis package. These issues are resolved in later releases. See references for individual vulnerability details...
async-ssh2-tokio (>=0.2.0 <=0.7.0), dev-tunnels (=0.1.0) +4 more potentially affected by CVE-2026-42189 via russh (>=0.34.0 <=0.37.1)
russh CARGO version =0.34.0, =0.2.0, =0.1.0, =0.2.0, =0.1.0, =0.4.1 - tunnels =0.1.0 Source cves: CVE-2026-42189 Source advisory: OSV:GHSA-F5V4-2WR6-HQMG...
DEBIAN-CVE-2026-31870
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...
CVE-2026-31870
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...
UBUNTU-CVE-2026-31870
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...
EUVD-2026-11275
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...
CVE-2026-31870 cpp-httplib Affected by Remote Process Crash via Malformed Content-Length Response Header
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...
CVE-2026-31870
cpp-httplib prior to 0.37.1 uses streaming API (httplib::stream::Get, httplib::stream::Post, etc.) and directly calls std::stoull on the Content-Length header without validation, causing unhandled exceptions and a deterministic crash via std::terminate() when a non-numeric or out-of-range value i...
CVE-2026-31870
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...
CVE-2026-31870 cpp-httplib Affected by Remote Process Crash via Malformed Content-Length Response Header
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...
Linux Distros Unpatched Vulnerability : CVE-2026-31870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API...
PT-2026-24759
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...
python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli
An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...
An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
...
PT-2024-40018 · Ckb · Ckb
Name of the Vulnerable Software and Affected Versions: Ckb versions prior to 0.35.2 Ckb versions prior to 0.36.1 Ckb versions prior to 0.37.1 Ckb versions prior to 0.38.2 Description: The issue causes faulty nodes to reject transactions that call the load cell data syscall when the input cell is...
CVE-2023-34450
CometBFT (CVE-2023-34450) describes a deadlock in PeerState JSON serialization introduced by a change in versions 0.34.28 and 0.37.1. The deadlock can be triggered either by logging to JSON (consensus module set to debug) or by the RPC dump_consensus_state, potentially halting the node. The issue...
CVE-2023-34450 CometBFT PeerState JSON serialization deadlock
CometBFT is a Byzantine Fault Tolerant BFT middleware that takes a state transition machine and replicates it on many machines. An internal modification made in versions 0.34.28 and 0.37.1 to the way struct PeerState is serialized to JSON introduced a deadlock when new function MarshallJSON is...