5331 matches found
CVE-2024-40404
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established...
ALSA-2024:9573 Important: libsoup security update
The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: infinite loop while reading websocket data CVE-2024-52532 libsoup: HTTP request smuggling via stripping null bytes from the ends of header names CVE-2024-52530 For more details about the security...
CVE-2024-52532
A flaw was found in Libsoup. The soupwebsocketconnectionread function uses a loop that reads incoming WebSocket data via the glib library. This issue makes it possible to cause the loop to run indefinitely by sending a continuous stream of data to it. The effect will prevent the DCV service from...
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
AZL-53081 CVE-2024-52532 affecting package libsoup for versions less than 3.4.4-2
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
DEBIAN-CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
AZL-52998 CVE-2024-52532 affecting package libsoup for versions less than 3.0.4-2
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
UBUNTU-CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
libsoup 安全漏洞
libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup versions prior to 3.6.1, which stems from an infinite loop and memory consumption when reading WebSocket data from a client in certain modes...
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
CVE-2024-52532
CVE-2024-52532 affects GNOME libsoup; versions before 3.6.1 have an infinite loop when processing certain WebSocket data, causing memory exhaustion and potential denial of service. Multiple connected advisories corroborate the issue and indicate upgrading to libsoup 3.6.1 or newer as remediation....
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients...
OESA-2024-2353 undertow security update
Java web server using non-blocking IO Security Fixes: A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.CVE-2021-36...
[SECURITY] Fedora 41 Update: python-quart-0.19.8-1.fc41
Quart is an async Python web microframework. Using Quart you can, render and serve HTML templates, write RESTful JSON APIs, serve WebSockets, stream request and response data, do pretty much anything over the HTTP or WebSocket protocols...
CVE-2024-48059
gaizhenbiao/chuanhuchatgpt project, version =20240802 is vulnerable to stored Cross-Site Scripting XSS in WebSocket session transmission. An attacker can inject malicious content into a WebSocket message. When a victim accesses this session, the malicious JavaScript is executed in the victim's...
CVE-2024-48059
gaizhenbiao/chuanhuchatgpt project, version =20240802 is vulnerable to stored Cross-Site Scripting XSS in WebSocket session transmission. An attacker can inject malicious content into a WebSocket message. When a victim accesses this session, the malicious JavaScript is executed in the victim's...
CVE-2024-48059
CVE-2024-48059 affects gaizhenbiao/chuanhuchatgpt up to version 20240802, vulnerable to stored XSS in WebSocket session transmissions. An attacker can inject malicious content into a WebSocket message, with execution of injected script in a victim’s browser when the session is accessed. The root ...