Lucene search
+L

6 matches found

Amazon
Amazon
added 2024/05/28 12:0 a.m.5 views

Medium: amazon-ecr-credential-helper

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

7.5CVSS6.7AI score0.91969EPSS
Exploits1
Amazon
Amazon
added 2024/05/15 12:0 a.m.3 views

Medium: cni-plugins

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

5.3CVSS6.8AI score0.01208EPSS
Exploits0
Amazon
Amazon
added 2024/01/22 12:0 a.m.5 views

Medium: containerd

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

7.5CVSS7.1AI score0.03796EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/12/07 2:5 a.m.5 views

SUSE CVE-2023-39326

A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data up to about...

7.5CVSS7AI score0.01208EPSS
Exploits0References10
OSV
OSV
added 2023/12/06 5:15 p.m.7 views

AZL-37446 CVE-2023-39326 affecting package golang for versions less than 1.21.6-1

A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data up to about...

5.3CVSS6.7AI score0.01208EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/06 12:0 a.m.5 views

Google Golang Security Vulnerability

Google Golang is a static, strongly typed, compiled language from Google.The syntax of Go is close to C, but with differences in variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages with a...

5.3CVSS7.1AI score0.01208EPSS
Exploits0References7
Rows per page
Query Builder