Moderate: Red Hat Security Advisory: .NET 7.0 security update
An update for .NET 7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
dotnet: DoS in .NET Core / YARP HTTP/2 WebSocket support
A vulnerability was found in dotnet. The YARP HTTP/2 WebSocket support in .NET Core can cause a denial of service (DoS)...
CVE-2024-21392
A vulnerability was found in dotnet. The YARP HTTP/2 WebSocket support in .NET Core can cause a denial of service (DoS). Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and...
Querybook Data Falsification Issue Vulnerability
Querybook is an open source big data query UI for Pinterest. A data forgery vulnerability exists in Querybook versions prior to 3.32.0, stemming from cross-site WebSocket hijacking that allows an attacker to read/edit/delete a user's data document...
PT-2024-22367 · Querybook · Querybook
Name of the Vulnerable Software and Affected Versions: Querybook versions prior to 3.32.0. Description: The issue concerns Querybook, a Big Data Querying UI that combines collocated table metadata and a simple notebook interface. Querybook's datadocs functionality uses a WebSocket server, allowing...
Apache Tomcat Multiple DoS Vulnerabilities (Mar 2024) - Windows
Apache Tomcat is prone to multiple denial of service (DoS) vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...
Apache Tomcat Multiple DoS Vulnerabilities (Mar 2024) - Linux
Apache Tomcat is prone to multiple denial of service (DoS) vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...
Moderate: .NET 7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.117 and .NET Runtime 7.0.17...
Apache Tomcat 8.5.0 < 8.5.99 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 8.5.99. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat8.5.99security-8 advisory. - Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket...
Apache Tomcat 10.1.0.M1 < 10.1.19 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 10.1.19. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat10.1.19security-10 advisory. - Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for...
Unsafe Reflection
Overview: stimulusreflex is an exciting new way to build modern, reactive, real-time apps with Ruby on Rails. Affected versions of this package are vulnerable to Unsafe Reflection due to the handling of WebSocket messages that allow specifying a classname and methodname. An attacker can manipulate...
StimulusReflex arbitrary method call
Summary: More methods than expected can be called on reflex instances. Being able to call some of them has security implications. Details: To invoke a reflex, a WebSocket message of the following shape (JSON) is sent: "target": "classnamemethodname", "args": The server will proceed to instantiate refl...
PT-2024-22275
Name of the Vulnerable Software and Affected Versions: stimulus_reflex versions prior to 3.4.2; stimulus_reflex versions prior to 3.5.0.rc4. Description: The issue allows more methods than expected to be called on reflex instances, which has security implications. To invoke a reflex, a websocket...
StimulusReflex Security Vulnerability
StimulusReflex is a system that extends the functionality of Rails and Stimulus by intercepting user interactions and passing them to Rails via a live websocket. A security vulnerability exists in StimulusReflex 3.4.1 and earlier, 3.5.0.rc3 and earlier, which stems from a vulnerability that allow...
BIT-TOMCAT-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 9.0.0 through 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service...
BIT-TOMCAT-2021-42340 DoS via memory leak with WebSocket connections
The fix for bug 63362 present in Apache Tomcat 10.1.0 to 10.1.0, 10.0.0 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This...
BIT-MATTERMOST-2020-14457
An issue was discovered in Mattermost Server before 5.20.0. Non-members can receive broadcasted team details via the update_team WebSocket event, aka MMSA-2020-0012...
BIT-MATTERMOST-2023-1775
When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected WebSocket clients...
BIT-MATTERMOST-2023-2281
When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data about the archived team...