5317 matches found

F5 Networks
added 2023/02/21 7:58 p.m., 32 views

K18570111: BIG-IP ASM and Advanced WAF WebSocket vulnerability CVE-2021-23010

Security Advisory Description When the BIG-IP ASM/Advanced WAF system processes WebSocket requests with JSON payloads using the default JSON content profile in the ASM security policy, the BIG-IP ASM bd process may produce a core file. CVE-2021-23010 Impact When this vulnerability is exploited, t...

CVSS 7.5, AI score 7.5, EPSS 0.00961
Exploits: 0, Affected Software: 1

F5 Networks
added 2023/02/21 7:57 p.m., 297 views

K29042031: Multiple Spring Framework vulnerabilities

Security Advisory Description On April 5th, 2018, three new vulnerabilities were published in the popular Java web framework called Spring. Details on these vulnerabilities and exploit code are not yet available, and mitigation details may change if and when the exploit code is available. You can...

CVSS 9.8, AI score 8.8, EPSS 0.95649
Exploits: 15

F5 Networks
added 2023/02/21 7:56 p.m., 20 views

K51351360: Websocket profile vulnerability CVE-2016-9253

Security Advisory Description In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile. CVE-2016-9253 Note : Virtual servers configured to use the HTTP profile and no websocket profile tha...

CVSS 7.5, AI score 7.4, EPSS 0.01335
Exploits: 0, Affected Software: 10

F5 Networks
added 2023/02/21 7:53 p.m., 35 views

K17157: Apache HTTP server vulnerability CVE-2015-0228

Security Advisory Description The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade...

CVSS 5, AI score 6, EPSS 0.18812
Exploits: 0

F5 Networks
added 2023/02/21 7:42 p.m., 50 views

K96639388: Overview of F5 vulnerabilities (April 2021)

Security Advisory Description On April 28th, 2021, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. The details of each issue can be found in the associate...

CVSS 9.8, AI score 7.4, EPSS 0.01343
Exploits: 0

F5 Networks
added 2023/02/21 6:59 p.m., 30 views

K05314769: BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23033

Security Advisory Description When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. CVE-2021-23033 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the...

CVSS 7.5, AI score 7.5, EPSS 0.00904
Exploits: 0, Affected Software: 2

F5 Networks
added 2023/02/21 6:59 p.m., 27 views

K70312000: BIG-IP ASM JSON websocket security exposure

Security Advisory Description The BIG-IP ASM system may fail to block bad JSON websocket requests. This issue occurs when all of the following conditions are met: In the JSON profile of the affected security policy, the Parse Parameters setting is enabled. Note: This setting is enabled by default...

AI score 6.6
Exploits: 0

F5 Networks
added 2023/02/21 6:55 p.m., 27 views

K88230177: BIG-IP ASM WebSocket vulnerability CVE-2021-22976

Security Advisory Description When the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2021-22976 Impact When this vulnerability is exploited, the BIG-IP ASM system may take...

CVSS 7.5, AI score 6.4, EPSS 0.00961
Exploits: 0, Affected Software: 2

F5 Networks
added 2023/02/21 6:54 p.m., 32 views

K11718033: TMM WebSocket vulnerability CVE-2018-5504

Security Advisory Description In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed WebSocket requests/responses, which allows remote attackers to cause a denial of service (DoS) or possible remote code execution on the BIG-IP system. CVE-2018-5504...

CVSS 9.3, AI score 8.4, EPSS 0.04534
Exploits: 0, Affected Software: 13

F5 Networks
added 2023/02/21 6:47 p.m., 40 views

K42051445: BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23030

Security Advisory Description When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. CVE-2021-23030 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the...

CVSS 7.5, AI score 7.5, EPSS 0.0093
Exploits: 0, Affected Software: 2

F5 Networks
added 2023/02/21 6:35 p.m., 80 views

K34468163: Apache Tomcat vulnerability CVE-2018-8034

Security Advisory Description The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88. CVE-2018-8034 Impact A user on the local...

CVSS 7.5, AI score 7.8, EPSS 0.213
Exploits: 0, Affected Software: 1

F5 Networks
added 2023/02/21 6:34 p.m., 34 views

K31022653: Spring Framework vulnerability CVE-2018-1257

Security Advisory Description Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user or...

CVSS 6.5, AI score 6.9, EPSS 0.03279
Exploits: 0

F5 Networks
added 2023/02/21 6:34 p.m., 49 views

K94142349: BIG-IP Advanced WAF and ASM WebSocket security exposure

Security Advisory Description BIG-IP Advanced WAF and ASM incorrectly handle certain WebSocket requests. This issue occurs when the following condition is met: BIG-IP Advanced WAF or ASM handles a malicious WebSocket message. Impact The attack signature check fails to detect and block requests, a...

AI score 6.6
Exploits: 0

F5 Networks
added 2023/02/21 6:34 p.m., 76 views

K49622415: Apache Tomcat vulnerability CVE-2022-25762

Security Advisory Description If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been...

CVSS 8.6, AI score 8.1, EPSS 0.07538
Exploits: 0, Affected Software: 1

SUSE CVE
added 2023/02/15 5:59 a.m., 2 views

SUSE CVE-2010-1766

Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other...

CVSS 7.5, AI score 7.6, EPSS 0.02252
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 5:59 a.m., 3 views

SUSE CVE-2010-1853

Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted magnet URL with a large number of (1) tr or (2) ws links...

CVSS 6.8, AI score 8.1, EPSS 0.03782
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 5:50 a.m., 4 views

SUSE CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

CVSS 3.7, AI score 8.5, EPSS 0.73327
Exploits: 4, References: 51

SUSE CVE
added 2023/02/15 5:48 a.m., 6 views

SUSE CVE-2012-0475

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involvin...

CVSS 2.6, AI score 8.8, EPSS 0.01858
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 5:37 a.m., 2 views

SUSE CVE-2013-3562

Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 5, AI score 7.5, EPSS 0.02545
Exploits: 1, References: 6

SUSE CVE
added 2023/02/15 5:37 a.m., 4 views

SUSE CVE-2013-3561

Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector...

CVSS 7.8, AI score 7.4, EPSS 0.02383
Exploits: 0, References: 6