4 matches found
Astra Linux – Vulnerability in Node.js
The generateKeys API function returned by crypto.createDiffieHellman only generates missing or outdated keys. In other words, it only generates a private key if none has been set yet. However, this function is also needed to compute the corresponding public key after calling setPrivateKey...
GHSA-8P33-Q827-GHJ5 dssrf: every IPv6 category bypasses is_url_safe
A vulnerability on dssrf allow, an attacker to use, one of them following ipv6 rust Input Category http://::1/ IPv6 loopback http://fc00::1/ IPv6 ULA http://fe80::1/ IPv6 link-local http://::ffff:127.0.0.1/ IPv4-mapped loopback http://::ffff:169.254.169.254/ IPv4-mapped IMDS...
dssrf: every IPv6 category bypasses is_url_safe
A vulnerability on dssrf allow, an attacker to use, one of them following ipv6 rust Input Category http://::1/ IPv6 loopback http://fc00::1/ IPv6 ULA http://fe80::1/ IPv6 link-local http://::ffff:127.0.0.1/ IPv4-mapped loopback http://::ffff:169.254.169.254/ IPv4-mapped IMDS...
CVE-2023-30590
The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...