6 matches found
OpenClaw: Gateway WebSocket Denial of Service via unbounded pre-auth upgrades
Summary The gateway accepted unbounded concurrent unauthenticated WebSocket upgrades before allocating them to an authenticated session budget. Impact An unauthenticated network attacker could consume socket and worker capacity and disrupt WebSocket availability for legitimate clients. Affected...
OPENSUSE-SU-2026:20384-1 Security update for libsoup
This update for libsoup fixes the following issues: Update to libsoup 3.6.6: - CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555. - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy bsc1254876. - CVE-2025-32049:...
CVE-2024-11835
Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue affects PlexTrac: from 1.61.3 before 2.8.1...
CVE-2024-11835
The CVE-2024-11835 entry concerns an Uncontrolled Resource Consumption vulnerability in PlexTrac that enables a WebSocket DoS . Affected are PlexTrac versions from 1.61.3 through before 2.8.1. The issue arises from uncontrolled resource usage, which can exhaust server resources and potentially di...
Important: tomcat
Issue Overview: A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker without access to the Tomcat process or configuration files could be able to manipulate the RMI registry to perform a man-in-the-middle attack. The attacker could...
SUSE-SU-2020:2611-1 Security update for tomcat
This update for tomcat fixes the following issues: - CVE-2020-1935: Fixed an HTTP request smuggling vulnerability bsc1164860. - CVE-2020-13935: Fixed a WebSocket DoS bsc1174117...