5 matches found
CVE-2025-2934 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring malicious webhook endpoints that send crafted HTT...
Astra Linux – Vulnerability in libsoup3, libsoup2.4
A flaw was discovered in libsoup. The package is vulnerable to a heap buffer over-read issue when scanning content using the skipinsightwhitespace function. Libsoup clients may read one byte beyond the bounds of the memory area in response to a malicious HTTP response from an HTTP server...
libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skipinsightwhitespace function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server...
OESA-2024-1115 shim security update
Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker...
CVE-2018-5535
On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resulting in a Denial of...