34 matches found
CVE-2022-3924
CVE-2022-3924 is a vulnerability in ISC BIND where stale-answer-client-timeout (enabled with a positive value) can cause a race between returning a stale answer and an early SERVFAIL, potentially triggering an assertion failure and DoS. Affected are BIND 9.16.12–9.16.36, 9.18.0–9.18.10, 9.19.0–9....
ROS-20220929-01
BIND DNS server vulnerability is related to boundary conditions when reusing HTTP connection when requesting statistics from a statistics channel. Exploitation of the vulnerability could allow an attacker, acting remotely, using a managed DNS server to cause a read error outside the boundary...
Denial Of Service (DoS)
libbind9.so is vulnerable to denial of service. The vulnerability exists in multiple functions in query.c due to serve-stale-client-timeout which allows an attacker to cause an application crash by sending specific queries to the resolver...
DEBIAN-CVE-2021-3859
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
UBUNTU-CVE-2021-3859
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
PT-2022-10741 · Undertow · Undertow
Name of the Vulnerable Software and Affected Versions: Undertow versions prior to 2.2.15 Final Description: A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
undertow: client side invocation timeout raised when calling over HTTP2
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
undertow: client side invocation timeout raised when calling over HTTP2
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
undertow: client side invocation timeout raised when calling over HTTP2
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
undertow: client side invocation timeout raised when calling over HTTP2
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
undertow: client side invocation timeout raised when calling over HTTP2
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
undertow: client side invocation timeout raised when calling over HTTP2
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...
MGASA-2017-0460 Updated java-1.8.0-openjdk packages fix security vulnerabilities
Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2017-10285, CVE-2017-10346 It was discovered that the Kerberos client implementation in the Libraries...
CentOS 6 : squid (CESA-2013:0505)
Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...