PYSEC-2024-211

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

Waitress 安全漏洞

Waitress is a production-quality, pure Python WSGI server from the Pylons project. A security vulnerability existed prior to Waitress version 3.0.1, which stemmed from the fact that if a remote client closed a connection before waitress called getpeername, waitress would fail to clean up the...

SUSE-SU-2023:3933-1 Security update for python

This update for python fixes the following issues: - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets bsc1214692...

PSF-2023-8 Bypass TLS handshake on closed sockets

Instances of ssl.SSLSocket are vulnerable to a bypass of the TLS handshake and included protections like certificate verification and treating sent unencrypted data as if it were post-handshake TLS encrypted data. The vulnerability is caused when a socket is connected, data is sent by the malicio...

GSD-2022-1001340 SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()

SUNRPC: Ensure we flush any closed sockets before xsxprtfree This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.20 by commit...

CVE-2008-2122

IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service CPU consumption via a port scan, which spawns multiple bfagent server processes that attempt to read data from closed sockets...