11149 matches found
DEBIAN-CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop and memory consumption during the reading of certain patterns of WebSocket data from clients...
UBUNTU-CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop and memory consumption during the reading of certain patterns of WebSocket data from clients...
USN-7098-1: OpenJDK 17 vulnerabilities
Andy Boothe discovered that the Networking component of OpenJDK 17 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 17 did not...
USN-7097-1: OpenJDK 11 vulnerabilities
Andy Boothe discovered that the Networking component of OpenJDK 11 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 11 did not...
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop and memory consumption during the reading of certain patterns of WebSocket data from clients...
libsoup security vulnerability
libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup versions prior to 3.6.1, which stems from an infinite loop and memory consumption when reading WebSocket data from a client in certain modes...
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop and memory consumption during the reading of certain patterns of WebSocket data from clients...
CVE-2024-52532
CVE-2024-52532 affects GNOME libsoup; versions before 3.6.1 have an infinite loop when processing certain WebSocket data, causing memory exhaustion and potential denial of service. Multiple connected advisories corroborate the issue and indicate upgrading to libsoup 3.6.1 or newer as remediation....
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : OpenJDK 8 vulnerabilities (USN-7096-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7096-1 advisory. Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : OpenJDK 11 vulnerabilities (USN-7097-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7097-1 advisory. Andy Boothe discovered that the Networking component of OpenJDK 11 did not properly handle access under certa...
SUSE CVE-2023-50570
An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs...
A vulnerability in the b43 component of the Linux kernel, related to a loop with an unreachable exit condition, allows an attacker to cause a service failure.
The vulnerability in the b43 component of the Linux kernel is related to an infinite loop in the functions b43_dma_tx and b43_dma_handle_txstatus in the file drivers/net/wireless/broadcom/b43/dma.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
RockyLinux 9 : kernel (RLSA-2024:8617)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection (BHI) (CVE-2024-2201) kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640) kernel: mptcp: fix data...
A vulnerability in the demultiplexer of the FFmpeg multimedia library, related to executing a loop with an unreachable exit condition, allows attackers to cause service failures.
The vulnerability in the demultiplexer of the FFmpeg multimedia library relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a malicious actor to cause a service failure using a specially created PVA file...
RHEL 8 : container-tools:rhel8 (RHSA-2024:6969)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6969 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang:...
github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp
A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is...
EulerOS 2.0 SP12 : python-zipp (EulerOS-SA-2024-2792)
According to the versions of the python-zipp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggere...
OESA-2024-2306 motif security update
This module is the motif run-time environment, which includes the motif shared libraries. Security Fixes: A flaw was found in libXpm. When processing a file with a width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial...
OESA-2024-2305 freeimage security update
FreeImage is a library project for developers who would like to support popular graphics image formats (PNG, JPEG, TIFF, BMP and others). Some highlights are: extremely simple in use, not limited to the local PC (unique FreeImageIO) and Plugin driven! Security Fixes: Buffer Overflow vulnerability in...
Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.6 security update
An update is now available for Red Hat OpenShift GitOps v1.12.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...