11146 matches found

SUSE Linux
added 2024/12/16 1:16 p.m., 3 views

Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: CVE-2024-30251: Fixed infinite loop on specially crafted POST request bsc1223726. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

7.5 CVSS, 6.9 AI score, 0.01085 EPSS
Exploits: 0, References: 4

OSV
added 2024/12/16 1:15 p.m., 16 views

SUSE-SU-2024:4328-1 Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: - CVE-2024-30251: Fixed infinite loop on specially crafted POST request bsc1223726...

7.5 CVSS, 7.5 AI score, 0.01085 EPSS
Exploits: 0, References: 3

SUSE Linux
added 2024/12/16 1:14 p.m., 4 views

Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: CVE-2024-30251: Fixed infinite loop on specially crafted POST request bsc1223726. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

7.5 CVSS, 6.8 AI score, 0.01085 EPSS
Exploits: 0, References: 4

OSV
added 2024/12/16 1:14 p.m., 15 views

SUSE-SU-2024:4327-1 Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: - CVE-2024-30251: Fixed infinite loop on specially crafted POST request bsc1223726...

7.5 CVSS, 7.5 AI score, 0.01085 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2024/12/13 12:0 a.m., 11 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup2 (SUSE-SU-2024:4290-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4290-1 advisory. - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header...

8.4 CVSS, 7.3 AI score, 0.00933 EPSS
Exploits: 2, References: 10

OSV
added 2024/12/12 3:16 p.m., 17 views

GO-2024-3205 Infinite loop in github.com/gomarkdown/markdown

Infinite loop in github.com/gomarkdown/markdown...

5.1 CVSS, 5 AI score, 0.00501 EPSS
Exploits: 1, References: 3

Amazon
added 2024/12/12 12:0 a.m., 2 views

Important: libsoup

Issue Overview: GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header. CVE-2024-52530 GNOME libsoup...

8.4 CVSS, 7.6 AI score, 0.00933 EPSS
Exploits: 2

OSV
added 2024/12/11 11:10 a.m., 5 views

SUSE-SU-2024:4290-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 - CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict bsc1233292 - CVE-2024-52532: Fixed...

8.4 CVSS, 7.9 AI score, 0.00933 EPSS
Exploits: 2, References: 7

Tenable Nessus
added 2024/12/11 12:0 a.m., 10 views

Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2024-772)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-772 advisory. GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a Transfer-Encoding\0: chunked header is...

8.4 CVSS, 7.3 AI score, 0.00933 EPSS
Exploits: 2, References: 8

BDU FSTEC
added 2024/12/11 12:0 a.m., 6 views

The vulnerability of the pciehp component in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the pciehp component in Linux operating systems is related to an infinite loop. Exploiting this vulnerability can allow a perpetrator to cause a service failure...

5.5 CVSS, 6.3 AI score, 0.0021 EPSS
Exploits: 0, References: 12, Affected Software: 4

Snyk
added 2024/12/05 3:31 p.m., 2 views

Infinite loop

Overview: drupal/core is an open source content management platform powering millions of websites and applications. Affected versions of this package are vulnerable to Infinite loop via the Comment module. An attacker can trigger excessive resource consumption by making repeated comment reply...

8.7 CVSS, 6.9 AI score, 0.00448 EPSS
Exploits: 0, References: 2

BDU FSTEC
added 2024/12/05 12:0 a.m., 4 views

The vulnerability of the Parse() function in the Golang programming language, related to integer overflow, allows attackers to cause a service failure.

The vulnerability of the Parse function in the Golang programming language is related to an infinite loop with integer overflow. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.8 CVSS, 6.6 AI score, 0.01412 EPSS
Exploits: 0, References: 7, Affected Software: 26

Redos
added 2024/12/03 12:0 a.m., 9 views

ROS-20241203-01

The Go programming language vulnerability is related to errors in processing special characters "" in the context of CSS. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerability in the Parse function of the Golang programming...

7.5 CVSS, 7 AI score, 0.01412 EPSS
Exploits: 0

Mageia
added 2024/11/29 11:36 p.m., 20 views

Updated libsoup3 & libsoup packages fix security vulnerabilities

GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header. CVE-2024-52530 GNOME libsoup before 3.6.1...

8.4 CVSS, 7.7 AI score, 0.00933 EPSS
Exploits: 2, References: 5

OSV
added 2024/11/29 11:36 p.m., 7 views

MGASA-2024-0382 Updated libsoup3 & libsoup packages fix security vulnerabilities

GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header. CVE-2024-52530 GNOME libsoup before 3.6.1...

8.4 CVSS, 8 AI score, 0.00933 EPSS
Exploits: 2, References: 6

OSV
added 2024/11/29 11:56 a.m., 2 views

OESA-2024-2479 libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. Security Fixes: GNOME libsoup before 3.6.1 has an infinite loop, and memory...

7.5 CVSS, 7 AI score, 0.00933 EPSS
Exploits: 0, References: 2

CNNVD
added 2024/11/29 12:0 a.m., 2 views

RIOT security vulnerability

RIOT is RIOT's open source set of operating systems for applications in the Internet of Things (IoT) space. A security vulnerability exists in RIOT. An attacker exploiting this vulnerability can send IEEE 802.15.4 packets with forged length bytes and optionally forged FCS, which ultimately causes t...

7.5 CVSS, 6.5 AI score, 0.00726 EPSS
Exploits: 1, References: 7

OpenVAS
added 2024/11/28 12:0 a.m., 13 views

Ubuntu: Security Advisory (USN-7126-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4 CVSS, 8.5 AI score, 0.00933 EPSS
Exploits: 2, References: 2

OpenVAS
added 2024/11/28 12:0 a.m., 11 views

Fedora: Security Advisory (FEDORA-2024-bd09057dd2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 8.5 AI score, 0.00933 EPSS
Exploits: 1, References: 4

OSV
added 2024/11/27 9:47 a.m., 6 views

CLSA-2024-1732700855 python3.9: Fix of CVE-2024-8088

CVE-2024-8088: Fix infinite loop vulnerability in zipfile.Path when iterating over zip archive entries...

8.7 CVSS, 6.8 AI score, 0.01275 EPSS
Exploits: 0, References: 1