EUVD-2024-51926

Malicious code in bioql PyPI...

BIT-ENVOY-2024-53271 HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to...

CVE-2024-53271

A flaw was found in Envoy. In affected versions, Envoy does not properly handle certain HTTP 1.1 responses. Specially-crafted requests may trigger failures or application crashes in networked devices, leading to a denial of service...

CVE-2024-53271 HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to...

CVE-2024-53271 HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to...

CVE-2024-53271

Envoy exposure CVE-2024-53271 affects the Envoy proxy where certain HTTP/1.1 non-101 1xx responses are not handled properly, causing downstream failures in networked devices. The issue has been fixed in releases 1.31.5 and 1.32.3. Public references across multiple feeds (Red Hat, SUSE, NVD, OSV, ...

GHSA-3J4H-H3FP-VWWW LNbits improperly handles potential network and payment failures when using Eclair backend

Summary Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. Details Using blocking: true on the API call will lead to a timeout error if a payment does not get settled in the 30s...

CVE-2021-32755 Certificate pinning is not enforced on the web socket connection

Wire is a collaboration platform. wire-ios-transport handles authentication of requests, network failures, and retries for the iOS implementation of Wire. In the 3.82 version of the iOS application, a new web socket implementation was introduced for users running iOS 13 or higher. This new...

The vulnerability of the implementation of the fifth-generation network division mechanism (5G networks) into multiple independent virtual networks through “Network Slicing” arises from the lack of correlation between identifiers at the application layer and the transport layer. This allows attackers to disclose information about arbitrary network segments or cause service failures.

The vulnerability of the 5G network segmentation mechanism, which involves dividing the network into multiple independent virtual networks, is related to the lack of correlation between identifiers at the application layer and the transport layer. Exploiting this vulnerability can allow a malicio...

The vulnerability of the Scripting component in Java SE and Java SE Embedded software platforms allows attackers to trigger a service failure.

The vulnerability of the Scripting component in Java SE and Java SE Embedded programming platforms is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to cause service failures through various network protocols...

Multiple Vendor ICMP Implementation Malformed Path MTU DoS

No description provided by source. source: http://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine certain automatic actions...

Multiple Vendor ICMP Message Handling - Denial of Service

source: https://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine certain automatic actions to take based on network failures...