59 matches found
CVE-2019-8849
CVE-2019-8849 concerns a SwiftNIO TLS vulnerability where an application using TLS could execute arbitrary code. The issue is described as a result of signaling that an executable stack is not required, and the fixed version is SwiftNIO SSL 2.4.1 . The provided documents consistently refer to the...
About the security content of SwiftNIO SSL 2.4.1 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
The vulnerability relates to the implementation of the HTTP/2 server using the nginx software framework and Node.js, as well as the SwiftNIO networking library. It involves an uncontrolled resource consumption, allowing attackers to cause service failures.
The vulnerability of the HTTP/2 server implementation of nginx, a Node.js software platform, and the SwiftNIO networking framework is related to an uncontrolled resource consumption when processing a header with a parameter equal to zero. Exploiting this vulnerability could allow a malicious acto...
The vulnerability of the `connection.c` component of the HTTP/2 web server Apache Traffic Server, the H2O web server, Node.js software platform, and the SwiftNIO networking framework allows a attacker to cause a service failure.
The vulnerability of the connection.c component of the HTTP/2 web server Apache Traffic Server, the H2O web server, the Node.js software platform, and the SwiftNIO networking framework is related to errors in the resource consumption control mechanism. Exploiting this vulnerability can allow an...
About the security content of SwiftNIO SSL 2.4.1
About the security content of SwiftNIO SSL 2.4.1 This document describes the security content of SwiftNIO SSL 2.4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...
The vulnerability relates to the implementation of the HTTP/2 network protocol on Windows operating systems, Apache Traffic Server web servers, H2O web servers, network programming tools such as netty, SwiftNIO, Envoy, and the Node.js software platform. This allows attackers to induce service failures.
The vulnerability of the HTTP/2 network protocol implementation in Windows operating systems, Apache Traffic Server web servers, H2O web servers, network programming tools such as netty, SwiftNIO, Envoy, and Node.js software platforms is related to an uncontrolled resource consumption. Exploiting...
About the security content of SwiftNIO HTTP/2 1.5.0 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
Microsoft Windows 'HTTP.sys' CVE-2019-9514 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition. Technologies Affected Apple SwiftNIO HTTP/2 1.0.0 Apple SwiftNIO HTTP/2 1.1.0 App...
Microsoft Windows 'HTTP.sys' CVE-2019-9518 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition. Technologies Affected Apple SwiftNIO HTTP/2 1.0.0 Apple SwiftNIO HTTP/2 1.1.0 App...
Microsoft Windows 'HTTP.sys' CVE-2019-9512 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition. Technologies Affected Apple SwiftNIO HTTP/2 1.0.0 Apple SwiftNIO HTTP/2 1.1.0 App...
About the security content of SwiftNIO HTTP/2 1.5.0
About the security content of SwiftNIO HTTP/2 1.5.0 This document describes the security content of SwiftNIO HTTP/2 1.5.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
CVE-2018-4281
In SwiftNIO before 1.8.0, a buffer overflow was addressed with improved size validation...
CVE-2018-4281
In SwiftNIO before 1.8.0, a buffer overflow was addressed with improved size validation...
Buffer overflow
In SwiftNIO before 1.8.0, a buffer overflow was addressed with improved size validation...
CVE-2018-4281
SwiftNIO before 1.8.0 is affected by a buffer overflow due to insufficient size validation. The vulnerability impacts the SwiftNIO network framework (Appleās SwiftNIO), enabling a remote attacker to overwrite memory. Remediation is to upgrade to a version with the security content, e.g., SwiftNIO...
CVE-2018-4281
In SwiftNIO before 1.8.0, a buffer overflow was addressed with improved size validation...
Apple SwiftNIO Buffer Overflow Vulnerability
SwiftNIO is an event-driven, non-blocking networking framework for writing high-performance networking applications. A buffer overflow vulnerability exists in Apple SwiftNIO, which can be exploited by a remote attacker to overwrite arbitrary memory...
About the security content of SwiftNIO 1.8.0 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
About the security content of SwiftNIO 1.8.0
About the security content of SwiftNIO 1.8.0 This document describes the security content of SwiftNIO 1.8.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...