250 matches found
F5 Networks BIG-IP : Python vulnerabilities (K000139698)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000139698 advisory. - Integer overflow in the getdata function in zipimport.c in CPython aka Python before 2.7.12, 3.x before...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1644)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1256)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
orjson is vulnerable to Denial Of Service. The vulnerability is due to the lack of recursion depth limits during parsing, which allows attackers to potentially cause denial of service by supplying deeply nested JSON documents...
serde-json-wasm stack overflow during recursive JSON parsing
When parsing untrusted, deeply nested JSON, the stack may overflow, possibly enabling a Denial of Service attack. This was fixed by adding a check for recursion depth...
Debian dla-3726 : bind9 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3726 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3726-1 [email protected] https://www.debian.org/lts/security/...
RUSTSEC-2024-0012 Stack overflow during recursive JSON parsing
When parsing untrusted, deeply nested JSON, the stack may overflow, possibly enabling a Denial of Service attack. This was fixed by adding a check for recursion depth...
Stack overflow during recursive JSON parsing
When parsing untrusted, deeply nested JSON, the stack may overflow, possibly enabling a Denial of Service attack. This was fixed by adding a check for recursion depth...
EulerOS 2.0 SP10 : bind (EulerOS-SA-2023-3199)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1028)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1002)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : bind (RHSA-2023:5691)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5691 advisory. - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by t...
Updated bind packages fix security vulnerabilities
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
CLSA-2023-1697136232 bind: Fix of CVE-2023-3341
CVE-2023-3341: Limit iscccccfromwire recursion depth...
bind: Fix of CVE-2023-3341
CVE-2023-3341: Limit iscccccfromwire recursion depth...
CLSA-2023-1697135570 bind: Fix of CVE-2023-3341
CVE-2023-3341: Limit iscccccfromwire recursion depth...
CLSA-2023-1697135138 bind: Fix of CVE-2023-3341
Limit iscccccfromwire recursion depth CVE-2023-3341...
CLSA-2023-1697134824 bind: Fix of CVE-2023-3341
CVE-2023-3341: Limit iscccccfromwire recursion depth...
CLSA-2023-1697134618 bind: Fix of CVE-2023-3341
CVE-2023-3341: Limit iscccccfromwire recursion depth...
CLSA-2023-1697134400 Fix CVE(s): CVE-2023-3341
SECURITY UPDATE: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly - debian/patches/CVE-2023-3341.patch: Named and rndc do not need a lot of recursion so the depth is set to 10. - CVE-2023-3341...