Linux Distros Unpatched Vulnerability : CVE-2023-43669

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to tungstenite-0.20.1.crate CVE-2023-43669

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to tungstenite-0.20.1.crate CVE-2023-43669. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-43669 DESCRIPTION: Snapview Tungstenite crate for Rust is vulnerable t...

Fedora: Security Advisory (FEDORA-2023-f81c1ab1e6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : rust-axum / rust-tokio-tungstenite / rust-tungstenite / rust-warp (2023-f81c1ab1e6)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-f81c1ab1e6 advisory. - Update the axum crate to version 0.6.20. - Update the tokio-tungstenite crate to version 0.20.1. - Update the tungstenite crate to version 0.20.1. - Port...

SurrealDB vulnerable to Uncontrolled CPU Consumption via WebSocket Interface

SurrealDB depends on the tungstenite and tokio-tungstenite crates used by the axum crate, which handles connections to the SurrealDB WebSocket interface. On versions before 0.20.1, the tungstenite crate presented an issue which allowed the parsing of HTTP headers during the client handshake to...

Fedora: Security Advisory for rust-tokio-tungstenite (FEDORA-2023-9c4142423a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-warp (FEDORA-2023-9c4142423a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : rust-axum / rust-tokio-tungstenite / rust-tungstenite / rust-warp (2023-9c4142423a)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-9c4142423a advisory. - Update the axum crate to version 0.6.20. - Update the tokio-tungstenite crate to version 0.20.1. - Update the tungstenite crate to version 0.20.1. - Port...

Fedora 37 : rust-axum / rust-tokio-tungstenite / rust-tungstenite / rust-warp (2023-e72bf7b92e)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-e72bf7b92e advisory. - Update the axum crate to version 0.6.20. - Update the tokio-tungstenite crate to version 0.20.1. - Update the tungstenite crate to version 0.20.1. - Port...

Fedora: Security Advisory (FEDORA-2023-91a66898d2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-tokio-tungstenite (FEDORA-2023-91a66898d2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-43669

creationtimestamp| type| source ---|---|--- 2023-09-21 12:30:53+00:00| seen| https://t.me/cibsecurity/70873...

CVE-2023-43669 vulnerabilities

Vulnerabilities for packages: zed...

CVE-2023-43669

The CVE-2023-43669 issue affects the Tungstenite crate for Rust up to version 0.20.0, where an excessively long HTTP header in a client handshake can cause high CPU usage and denial of service. Affected projects using tungstenite (and dependent crates like tokio-tungstenite) are exposed to potent...