3 matches found
CLSA-2024-1716924362 httpd: Fix of CVE-2024-27316
CVE-2024-27316: fix HTTP/2 DoS vulnerability caused by memory exhaustion from endless continuation frames: Incoming headers that exceed limits are buffered in nghttp2 to generate an HTTP 413 response...
CLSA-2024-1716915132 httpd: Fix of CVE-2024-27316
CVE-2024-27316: fix HTTP/2 DoS vulnerability caused by memory exhaustion from endless continuation frames: Incoming headers that exceed limits are buffered in nghttp2 to generate an HTTP 413 response...
Chaturbate: Unrestricted POST request size on roomlogin endpoint
POST requests to endpoint /roomlogin/ are not limited in size. While the main website login endpoint correctly limits the size of request, this endpoint does not. This can be a mean to perform a DOS attack. Steps To Reproduce: 1. has a password-protected stream. 2. Send a large POST request to...