5326 matches found
SUSE CVE-2024-36387
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
FreeBSD : Apache httpd -- Multiple vulnerabilities (d7efc2ad-37af-11ef-b611-84a93843eb75)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d7efc2ad-37af-11ef-b611-84a93843eb75 advisory. The Apache httpd project reports: DoS by Null pointer in websocket over HTTP/2 CVE-2024-36387...
CVE-2024-36387
A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process. Mitigation Mitigation for this issue is either not available or the currently available options do not me...
CVE-2024-36387
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
DEBIAN-CVE-2024-36387
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
CVE-2024-36387
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
ALPINE-CVE-2024-36387
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
AZL-43119 CVE-2024-36387 affecting package httpd for versions less than 2.4.61-1
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
AZL-43089 CVE-2024-36387 affecting package httpd for versions less than 2.4.61-1
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
UBUNTU-CVE-2024-36387
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
CVE-2024-36387
CVE-2024-36387 affects the Apache httpd mod_http2 component: when serving WebSocket protocol upgrades over HTTP/2, it can trigger a NULL pointer dereference and crash the server, degrading performance (DoS). Connected advisories indicate patches across distributions (e.g., Debian security update ...
CVE-2024-36387 Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
CVE-2024-36387 Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
CVE-2024-36387
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...
Apache httpd -- Multiple vulnerabilities
The Apache httpd project reports: DoS by Null pointer in websocket over HTTP/2 CVE-2024-36387 Low. Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. Proxy encoding problem...
CVE-2024-5820
An unprotected WebSocket connection in the latest version of stitionai/devika commit ecee79f allows a malicious website to connect to the backend and issue commands on behalf of the user. The backend serves all listeners on the given socket, enabling any such malicious website to intercept all...
PT-2024-37182 · Devika · Devika
Name of the Vulnerable Software and Affected Versions: stitutionai/devika version ecee79f Description: The issue arises from an unprotected WebSocket connection, allowing a malicious website to connect to the backend and issue commands on behalf of the user. This enables the malicious website to...
Devika Security Breach
Stition Devika is an advanced AI software engineer at Stition USA that understands advanced human commands, breaks them down into steps, researches the relevant information, and writes code to achieve a given goal. Devika has a security vulnerability that stems from an ineffectively protected...
Malicious code in websocket-cors (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-3947 Malicious code in websocket-cors (npm)
--- -= Per source details. Do not edit below this line.=-...