11155 matches found
CVE-2024-34488
OFPMultipartReply in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via b.length=0...
CVE-2024-34486
OFPPacketQueue in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via OFPQueueProp.len=0...
CVE-2024-34484
OFPBucket in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via action.len=0...
CVE-2024-34483
OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via OFPBucket.len=0...
CVE-2024-34483
OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via OFPBucket.len=0...
CVE-2024-34489
CVE-2024-34489 affects Faucet SDN Ryu 4.34. The issue is in the OFPHello handling in parser.py, where a crafted length=0 input allows an attacker to trigger an infinite loop, causing a denial of service. Root cause: inadequate input validation for length=0. CVSS v3.1 indicates NETWORK attack vect...
CVE-2024-34483
OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via OFPBucket.len=0...
CVE-2024-34487
OFPFlowStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via inst.length=0...
CVE-2024-34484
OFPBucket in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via action.len=0...
CVE-2024-34486
OFPPacketQueue in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via OFPQueueProp.len=0...
CVE-2024-34483
OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via OFPBucket.len=0...
CVE-2024-34487
OFPFlowStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service infinite loop via inst.length=0...
CVE-2024-34487
CVE-2024-34487 affects Faucet SDN Ryu 4.34, where OFPFlowStats in parser.py is vulnerable. The root cause is inadequate input handling in the OFPFlowStats path, allowing an attacker to trigger a denial of service by setting inst.length = 0, potentially causing an infinite loop. The DoS impact is ...
PT-2024-25935 · Unknown · Faucet Sdn Ryu
Name of the Vulnerable Software and Affected Versions: Faucet SDN Ryu version 4.34 Description: The issue allows attackers to cause a denial of service infinite loop via action.len=0 in OFPBucket in parser.py. Recommendations: For version 4.34, consider disabling the OFPBucket function in parser....
PT-2024-25937 · Unknown · Faucet Sdn Ryu
Name of the Vulnerable Software and Affected Versions: Faucet SDN Ryu version 4.34 Description: The issue allows attackers to cause a denial of service infinite loop via inst.length=0 in OFPFlowStats in parser.py. Recommendations: For version 4.34, consider disabling the OFPFlowStats function in...
PT-2024-25936 · Unknown · Faucet Sdn Ryu
Name of the Vulnerable Software and Affected Versions: Faucet SDN Ryu version 4.34 Description: The issue allows attackers to cause a denial of service infinite loop via OFPQueueProp.len=0. This occurs in the OFPPacketQueue in parser.py. Recommendations: For version 4.34, consider disabling the...
PT-2024-25934 · Unknown · Faucet Sdn Ryu
Name of the Vulnerable Software and Affected Versions: Faucet SDN Ryu version 4.34 Description: The issue allows attackers to cause a denial of service infinite loop via OFPBucket.len=0 in OFPGroupDescStats in parser.py. Recommendations: For version 4.34, consider disabling the OFPGroupDescStats...
PT-2024-25938 · Unknown · Faucet Sdn Ryu
Name of the Vulnerable Software and Affected Versions: Faucet SDN Ryu version 4.34 Description: The issue allows attackers to cause a denial of service infinite loop via b.length=0 in OFPMultipartReply in parser.py. Recommendations: For version 4.34, consider disabling the OFPMultipartReply...
GHSA-5M98-QGG9-WH84 aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests
Summary An attacker can send a specially crafted POST multipart/form-data request. When the aiohttp server processes it, the server will enter an infinite loop and be unable to process any further requests. Impact An attacker can stop the application from serving requests after sending a single...
CVE-2024-30251
An infinite loop flaw was found in aiohttp when handling POST multipart/form-data requests. This flaw allows an attacker to send a specially crafted request, leading the server to enter an infinite loop and render it unable to process any further requests. This denial of service can be triggered ...