2566 matches found
CVE-2023-42504
An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service. This issue affects Apache Superset: before 3.0.0...
CVE-2023-42504 Apache Superset: Lack of rate limiting allows for possible denial of service
An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service. This issue affects Apache Superset: before 3.0.0...
PT-2023-28378 · Apache · Apache Superset
Name of the Vulnerable Software and Affected Versions: Apache Superset versions prior to 3.0.0 Description: The issue allows an authenticated malicious user to initiate multiple concurrent requests, each requesting multiple dashboard exports. This could lead to a possible denial of service...
The vulnerability of the `qxl_gem_object_create_with_handle()` function in the `drivers/gpu/drm/qxl/qxl_gem.c` file of the Linux operating system’s kernel driver QXL allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the qxlgemobjectcreatewithhandle function in the drivers/gpu/drm/qxl/qxlgem.c driver of the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to...
The getPriceAndFee() function performs calculations without implementing reentrancy protection.
Lines of code Vulnerability details Impact An attacker could call getPriceAndFee multiple times concurrently, read intermediate state, and craft calls to exploit any assumptions made between calculations. This could undermine the intended bonding curve pricing logic. Proof of Concept getPriceAndF...
kernel: drm/i915/active: Fix misuse of non-idle barriers as fence trackers
In the Linux kernel, the following vulnerability has been resolved: drm/i915/active: Fix misuse of non-idle barriers as fence trackers Users reported oopses on list corruptions when using i915 perf with a number of concurrently running graphics applications. Root cause analysis pointed at an issu...
kernel: net/sched: flower: fix filter idr initialization
A flaw was found in the Linux kernel’s networking traffic control flower classifier. The initialization of the filter IDR was moved too early in the flchange path, allowing concurrent access by multiple users while the structure was still in an inconsistent state. Under certain conditions, this...
kernel: iommufd: IOMMUFD_DESTROY should not increase the refcount
A race condition was identified in the iommufd subsystem of the Linux kernel where the IOMMUFDDESTROY command incorrectly increments an object’s reference count without holding the expected exclusive synchronization destroyrwsem. This violates the assumption that temporary reference count...
GO-2023-2153 Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
An attacker can send HTTP/2 requests, cancel them, and send subsequent requests. This is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than the configured maximum stream limit, grpc.MaxConcurrentStreams. This results in a denial of...
GHSA-M425-MQ94-257G gRPC-Go HTTP/2 Rapid Reset vulnerability
Impact In affected releases of gRPC-Go, it is possible for an attacker to send HTTP/2 requests, cancel them, and send subsequent requests, which is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than the configured maximum stream limit...
gRPC-Go HTTP/2 Rapid Reset vulnerability
Impact In affected releases of gRPC-Go, it is possible for an attacker to send HTTP/2 requests, cancel them, and send subsequent requests, which is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than the configured maximum stream limit...
Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
Werkzeug multipart data parser needs to find a boundary that may be between consecutive chunks. That's why parsing is based on looking for newline characters. Unfortunately, code looking for partial boundary in the buffer is written inefficiently, so if we upload a file that starts with CR or LF...
What to know about the HTTP/2 Rapid Reset DDoS attacks
Cisco Talos is actively tracking the novel distributed denial-of-service DDoS attacks cloud services provider Cloudflare disclosed earlier this week. The techniques described in Cloudflares blog post resulted in a record-breaking DDoS attack and could facilitate much larger attacks in the future...
AZL-37440 CVE-2023-39325 affecting package golang for versions less than 1.21.6-1
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
AZL-37478 CVE-2023-39325 affecting package golang for versions less than 1.21.6-1
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
AZL-31857 CVE-2023-39325 affecting package kured for versions less than 1.9.1-14
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
AZL-34015 CVE-2023-39325 affecting package kata-containers-cc for versions less than 3.2.0.azl2-1
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
AZL-42861 CVE-2023-39325 affecting package multus for versions less than 4.0.2-3
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
AZL-31616 CVE-2023-39325 affecting package telegraf for versions less than 1.27.3-3
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
AZL-31660 CVE-2023-39325 affecting package skopeo for versions less than 1.12.0-4
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...