UBUNTU-CVE-2018-21035
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption)...
CVE-2018-21035
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption)...
CVE-2018-21035
CVE-2018-21035 affects Qt’s WebSocket implementation in Qt up to 5.14.1, where frames and messages are limited to 2 GB and this limit cannot be configured, enabling potential memory-based DoS. The vulnerability is documented across multiple advisories (e.g., MiracleLinux, Rocky Linux, AlmaLinux, ...
CVE-2018-21035
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption)...
Fedora 30 : caddy / etcd / hugo (2020-279c61dd70)
Rebuilt to fix GHSA-jf24-p9p9-4rjh. Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Fedora Security Advisory FEDORA-2020-279c61dd70...
Fedora 31 : golang-github-gorilla-websocket (2020-0ae6297680)
Update to latest version. Fix GHSA-jf24-p9p9-4rjh. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues....
Fedora 30 : golang-github-gorilla-websocket (2020-8f18c45545)
Update to latest version. Fix GHSA-jf24-p9p9-4rjh. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues....
Fedora: Security Advisory for golang-github-gorilla-websocket (FEDORA-2020-0ae6297680)
The remote host is missing an update for the ...
Fedora: Security Advisory for golang-github-gorilla-websocket (FEDORA-2020-8f18c45545)
The remote host is missing an update for the ...
[SECURITY] Fedora 31 Update: golang-github-gorilla-websocket-1.4.1-1.fc31
Gorilla WebSocket is a Go implementation of the WebSocket protocol...
[SECURITY] Fedora 30 Update: golang-github-gorilla-websocket-1.4.1-1.fc30
A WebSocket implementation for Go...
Debian DLA-2110-1 : netty-3.9 security update
Several vulnerabilities were discovered in Netty, a Java NIO client/server socket framework: CVE-2014-0193 WebSocket08FrameDecoder allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...
InspIRCd websocket module double free vulnerability
The InspIRCd development team reports: The websocket module before v3.8.1 contains a double free vulnerability. When combined with a HTTP reverse proxy this vulnerability can be used by any user who is GKZ-lined to remotely crash an InspIRCd server...
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2019-1992)
The remote host is missing an update for the Huawei EulerOS ...
CVE-2020-7232
Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information such as usernames and password hashes via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL...
CVE-2020-7232
Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information such as usernames and password hashes via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL...
Information disclosure
Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information such as usernames and password hashes via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL...
CVE-2020-7232
Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information such as usernames and password hashes via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL...
CVE-2020-7232
CVE-2020-7232 affects Evoko Home devices version 1.31 through 1.37. The issue enables remote attackers to disclose sensitive information (e.g., usernames and password hashes) by sending a WebSocket request to the sockjs/224/uf1psgff/websocket URI over a secure WebSocket (wss://). The available co...
"Cablehaunt" Cable Modem WebSocket DoS
There exists a buffer overflow vulnerability in certain Cable Modem Spectrum Analyzer interfaces. This overflow is exploitable, but since an exploit would differ between every make, model, and firmware version which also differs from ISP to ISP, this module simply causes a Denial of Service to te...