5293 matches found
CVE-2021-36383
Xen Orchestra with xo-web through 5.80.0 and xo-server through 5.84.0 mishandles authorization, as demonstrated by modified WebSocket resourceSet.getAll data is which the attacker changes the permission field from none to admin. The attacker gains access to data sets such as VMs, Backups, Audit,...
CVE-2021-36383
Xen Orchestra with xo-web through 5.80.0 and xo-server through 5.84.0 mishandles authorization, as demonstrated by modified WebSocket resourceSet.getAll data is which the attacker changes the permission field from none to admin. The attacker gains access to data sets such as VMs, Backups, Audit,...
CVE-2021-36383
Xen Orchestra with xo-web through 5.80.0 and xo-server through 5.84.0 mishandles authorization, as demonstrated by modified WebSocket resourceSet.getAll data is which the attacker changes the permission field from none to admin. The attacker gains access to data sets such as VMs, Backups, Audit,...
jetty: Resource exhaustion when receiving an invalid large TLS frame
When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large greater than 17408 TLS frame that is incorrectly handled, causing high CPU resources utilization. The highest threat from this vulnerability is to service availability...
Dell EMC PowerFlex数据伪造问题漏洞
DELL Dell EMC PowerFlex is an application from Dell of America DELL, Inc. Dell powerflex presentation server data forgery issue vulnerability, which originates from the product's websocket in the Presentation Server/WebUI does not do user identity An attacker could hijack the Websocket to trick...
Mongoose Web Server <= 6.8 Multiple Vulnerabilities
Mongoose Web Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
GHSA-5GJG-JGH4-GPPM Websocket requests did not call AuthenticateMethod
Impact Depending on implementation, a denial-of-service or privilege escalation vulnerability may occur in software that uses the github.com/ecnepsnai/web package with Web Sockets that have an AuthenticateMethod. The AuthenticateMethod is not called, and UserData will be nil in request methods...
Updated qtwebsockets5 packages fix a security vulnerability
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service memory consumption CVE-2018-21035...
PT-2021-23591 · Unknown · Github.Com/Ecnepsnai/Web
Name of the Vulnerable Software and Affected Versions: github.com/ecnepsnai/web package versions prior to 1.5.2 Description: The issue arises when Web Sockets do not execute any AuthenticateMethod methods, potentially leading to a nil pointer dereference or authentication bypass. This problem...
Apache Tomcat 10.0.0.M1 < 10.0.0.M7 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 10.0.0.M7. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat10.0.0-m7security-10 advisory. - The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 ...
MGASA-2021-0266 Updated python-eventlet packages fix security vulnerability
Updated python-eventlet packages fix a security vulnerability: Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data...
Updated python-eventlet packages fix security vulnerability
Updated python-eventlet packages fix a security vulnerability: Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data...
Eclipse Jetty DoS Vulnerability (GHSA-26vr-8j45-3r4w) - Linux
Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...
CVE-2021-33880
The aaugustin websockets library before 9.1 for Python has an Observable Timing Discrepancy on servers when HTTP Basic Authentication is enabled with basicauthprotocolfactorycredentials=.... An attacker may be able to guess a password via a timing attack...
OPENSUSE-SU-2021:0840-1 Security update for chromium
This update for chromium fixes the following issues: Chromium 91.0.4472.77 boo1186458: Support Managed configuration API for Web Applications WebOTP API: cross-origin iframe support CSS custom counter styles Support JSON Modules Clipboard: read-only files support Remove webkitBeforeTextInserted &...
Regular Expression Denial Of Service (ReDoS)
ws is vulnerable to regular expression denial of service. An attacker is able to cause excessive CPU consumption that can lead to an application crash by submitting a malicious value of Sec-Websocket-Protocol...
Regular Expression Denial of Service
Overview In ws before versions 5.2.3, 6.2.2 and 7.4.6 there is a ReDOS vulnerability. Impact A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. Proof of concept js for const length of 1000, 2000, 4000, 8000, 16000, 32000 const value ...
7ghost (>=4.11.25 <=4.11.46), @100mslive/hms-excalidraw (>=0.1.3 <=0.1.14) +1208 more potentially affected by CVE-2021-32640 via ws (>=6.0.0 <=6.2.1)
ws NPM version =6.0.0, =4.11.25, =0.1.3, =0.0.1-bate.30, =0.0.1, =0.0.1, =7.0.0, =0.1.0, =4.4.0, =4.2.2, =2.9.0, =0.0.1-alpha.95, =1.0.0, =1.2.0, =1.0.2, =1.0.4 and more Source cves: CVE-2021-32640 Source advisory: OSV:GHSA-6FC8-4GX4-V693...
GHSA-6FC8-4GX4-V693 ReDoS in Sec-Websocket-Protocol header
Impact A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. Proof of concept js for const length of 1000, 2000, 4000, 8000, 16000, 32000 const value = 'b' + ' '.repeatlength + 'x'; const start = process.hrtime.bigint; value.trim.split/...
ReDoS in Sec-Websocket-Protocol header
Impact A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. Proof of concept js for const length of 1000, 2000, 4000, 8000, 16000, 32000 const value = 'b' + ' '.repeatlength + 'x'; const start = process.hrtime.bigint; value.trim.split/...