3 matches found
Authentication Bypass by Primary Weakness
Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness due to the management of client connections by OTAPI, which allows stale UUIDs to remain on RemoteClient instances after a player disconnects. An attacker can assume the login state of a...
CVE-2023-39325
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
CVE-2021-4234
OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack...