94 matches found
SUSE-SU-2024:3876-1 Security update for python-waitress
This update for python-waitress fixes the following issues: - CVE-2024-49768: Fixed request processing race condition in HTTP pipelining with invalid first request when lookahead is enabled bsc1232556 - CVE-2024-49769: Fixed incorrect connection clean up leads to a busy-loop and resource exhausti...
OESA-2024-2334 python-waitress security update
Waitress is meant to be a production-quality pure-Python WSGI server with very acceptable performance. It has no dependencies except ones which live in the Python standard library. It runs on CPython on Unix and Windows under Python 2.7+ and Python 3.5+. It is also known to run on PyPy 1.6.0+ on...
OESA-2024-2333 python-waitress security update
Waitress is meant to be a production-quality pure-Python WSGI server with very acceptable performance. It has no dependencies except ones which live in the Python standard library. It runs on CPython on Unix and Windows under Python 2.7+ and Python 3.5+. It is also known to run on PyPy 1.6.0+ on...
OESA-2024-2336 python-waitress security update
Waitress is meant to be a production-quality pure-Python WSGI server with very acceptable performance. It has no dependencies except ones which live in the Python standard library. It runs on CPython on Unix and Windows under Python 2.7+ and Python 3.5+. It is also known to run on PyPy 1.6.0+ on...
OESA-2024-2335 python-waitress security update
Waitress is meant to be a production-quality pure-Python WSGI server with very acceptable performance. It has no dependencies except ones which live in the Python standard library. It runs on CPython on Unix and Windows under Python 2.7+ and Python 3.5+. It is also known to run on PyPy 1.6.0+ on...
AZL-51831 CVE-2024-49769 affecting package python-waitress for versions less than 3.0.1-1
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...
AZL-57396 CVE-2024-49768 affecting package python-waitress 3.0.1-1
Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...
RHSA-2022:1264 Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 (python-waitress) security update
Bulletin has no description...
RHSA-2022:1254 Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (python-waitress) security update
Bulletin has no description...
RHSA-2022:1253 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-waitress) security update
Bulletin has no description...
RHEL 8 : python-waitress (RHSA-2020:0720)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0720 advisory. Waitress is a pure Python WSGI server which supports HTTP/1.0 and HTTP/1.1. Security Fixes: HTTP request smuggling through LF vs CRLF handli...
Amazon Linux 2022 : python-waitress (ALAS2022-2022-235)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-235 advisory. - Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-waitress (SUSE-SU-2022:3731-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3731-1 advisory. - CVE-2022-24761: Fixed a bug to avoid inconsistent interpretation of HTTP requests leading to request...
SUSE: Security Advisory (SUSE-SU-2022:3731-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3731-1 Security update for python-waitress
This update for python-waitress fixes the following issues: - CVE-2022-24761: Fixed a bug to avoid inconsistent interpretation of HTTP requests leading to request smuggling. bsc1197255...
SUSE-SU-2022:3635-1 Security update for python-waitress
This update for python-waitress fixes the following issues: - CVE-2022-24761: Fixed a bug to avoid inconsistent interpretation of HTTP requests leading to request smuggling. bsc1197255...
SUSE-SU-2022:3583-1 Security update for python-waitress
This update for python-waitress fixes the following issues: - CVE-2022-24761: Fixed a bug to avoid inconsistent interpretation of HTTP requests leading to request smuggling. bsc1197256...
The vulnerability of the WSGI server for Python Waitress, related to HTTP request processing flaws, allows attackers to access confidential data and compromise its integrity.
The vulnerability of the WSGI server for Python Waitress relates to the improper handling of special header characters in the Transfer-Encoding header. Exploiting this vulnerability allows an attacker to remotely access confidential data and compromise its integrity through a specially crafted...
The vulnerability of the Python Waitress server, related to HTTP request processing flaws, allows attackers to compromise data integrity.
The vulnerability of the Python-based Waitress server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to compromise data integrity...
The vulnerability of the WSGI server for Python Waitress allows attackers to compromise data integrity.
The vulnerability of the WSGI server for Python Waitress is related to an incorrect analysis of the Transfer-Encoding header. Exploiting this vulnerability allows a remote attacker to compromise data integrity...