Lucene search
+L

6 matches found

osv
osv
added 2026/06/30 4:33 p.m.2 views

CVE-2026-10655 Use-after-free race in SNTP async client when closing the socket while the socket service is still polling it

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS6AI score0.00254EPSS
Exploits1References5
cve
cve
added 2026/06/30 4:33 p.m.18 views

CVE-2026-10655

Concrete details found: Zephyr’s asynchronous SNTP client (sntp_close_async) can race with the socket service poll thread. Closing the UDP socket descriptor from a different thread (SNTP timeout path) may free and reuse net_context while the poll thread holds a poller node, causing a use-after-fr...

6.5CVSS5.8AI score0.00254EPSS
Exploits1References2Affected Software1
cve
cve
added 2026/05/14 3:32 p.m.28 views

CVE-2026-42594

Gotenberg CVE-2026-42594 describes an unauthenticated denial of service caused by reuse of echo.Context in the webhook async flow. Prior to 8.32.0, a goroutine holds a reference to the request context after ErrAsyncProcess, and Echo recycles the context to a pool. If a concurrent request reuses t...

7.5CVSS5.8AI score0.00348EPSS
Exploits1References1Affected Software1
osv
osv
added 2026/05/07 1:0 a.m.7 views

GHSA-R33J-C622-R6QP Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine

Summary The webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handler returns ErrAsyncProcess and Echo recycles the context back to its sync.Pool. When a concurrent request claims the recycled context, c.Reset clears the store. If the...

7.5CVSS5.9AI score0.00348EPSS
Exploits1References3
github
github
added 2026/05/07 1:0 a.m.11 views

Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine

Summary The webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handler returns ErrAsyncProcess and Echo recycles the context back to its sync.Pool. When a concurrent request claims the recycled context, c.Reset clears the store. If the...

7.5CVSS5.9AI score0.00348EPSS
Exploits1References3Affected Software1
ptsecurity
ptsecurity
added 2026/05/07 12:0 a.m.18 views

PT-2026-38385

Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.32.0 Description A flaw in the webhook middleware allows an anonymous caller to crash the process. The middleware spawns a goroutine that retains a reference to the echo.Context after the synchronous handler retur...

7.5CVSS5.8AI score0.00348EPSS
Exploits1References8
Rows per page
Query Builder