226 matches found
[SECURITY] Fedora 38 Update: nodejs20-19.8.1-7.fc38
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
Moderate: Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift (with security updates)
Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
SUSE CVE-2012-3421
The pduread function in pdu.c in libpcp in Performance Co-Pilot PCP before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service pmcd hang by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."...
[SECURITY] Fedora 36 Update: nodejs-16.18.1-1.fc36
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
[SECURITY] Fedora 37 Update: nodejs-18.12.1-1.fc37
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
[SECURITY] Fedora 35 Update: nodejs-16.18.1-1.fc35
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
Fedora: Security Advisory for nodejs (FEDORA-2022-52dec6351a)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for nodejs (FEDORA-2022-1667f7b60a)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for nodejs (FEDORA-2022-de515f765f)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
yajl security update
An update is available for yajl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser...
Moderate: yajl security update
Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl: heap-based buffer overflow when handling large inputs due to an integer overflow CVE-2022-24795 For more details about the security issues,...
Moderate: Red Hat Security Advisory: yajl security update
An update for yajl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
yajl security update
An update is available for yajl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser...
RLSA-2022:7524 Moderate: yajl security update
Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser written in ANSI C and a small validating JSON generator. Security Fixes: yajl: heap-based buffer overflow when handling large inputs due to an integer overflow CVE-2022-24795 For more details about the security issues,...
ALSA-2022:7524 Moderate: yajl security update
Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser written in ANSI C and a small validating JSON generator. Security Fixes: yajl: heap-based buffer overflow when handling large inputs due to an integer overflow CVE-2022-24795 For more details about the security issues,...
Spring Tips: Spring Boot & Apache Kafka
Hi, Spring fans! In this installment of Spring Tips, I look at the venerable Apache Kafka broker and its integrations at various level of abstraction in the Spring Boot ecosystem. Want to learn more about event driven architectures, AOT and GraalVM, Apache Kafka, and Spring Boot? SpringOne 2022 i...
This Week in Spring - October 4th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! Its October 4th, 2022, and Im in Austin, TX, for the new version of show formerly known as the Kafka Summit, here to talk to folks about the amazing opportunities for Spring Boot and Apache Kafka. On the 12th, Ill be in...
Event-Driven Architectures & the Security Implications
This article explores event-driven architecture EDA with a detailed definition and explains how EDA offers many essential benefits to developers. It concludes with an outline of some best practices for mitigating security concerns...
Uncontrolled Resource Consumption
Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several HandleRoute endpoints make use of the deprecated ioutil.ReadAll. ioutil.ReadAll reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server wil...
Twisted has unspecified vulnerabilities
Twisted is an event-driven open source network engine written in Python. Twisted has security vulnerabilities, and no details of the vulnerabilities are currently available...