
4173 matches found

NVD
added 2024/03/19 5:15 a.m., 19 views

CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 5.4 | EPSS 0.00636
Exploits: 0 | References: 4

OSV
added 2024/03/19 5:15 a.m., 1 view

AZL-35911 CVE-2024-22025 affecting package nodejs18 for versions less than 18.18.2-5

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 6.8 | EPSS 0.00636
Exploits: 0 | References: 1

OSV
added 2024/03/19 5:15 a.m., 1 view

AZL-35898 CVE-2024-22025 affecting package nodejs for versions less than 20.14.0-1

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 6.8 | EPSS 0.00636
Exploits: 0 | References: 1

OSV
added 2024/03/19 5:15 a.m., 2 views

AZL-35909 CVE-2024-22025 affecting package nodejs for versions less than 16.20.2-4

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 6.8 | EPSS 0.00636
Exploits: 0 | References: 1

OSV
added 2024/03/19 5:15 a.m., 2 views

CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

AI score 6.5
Exploits: 0 | References: 3

OSV
added 2024/03/19 5:15 a.m., 1 view

DEBIAN-CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 6.8 | EPSS 0.00636
Exploits: 0 | References: 1

UbuntuCve
added 2024/03/19 5:15 a.m., 35 views

CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 6.7 | EPSS 0.00636
Exploits: 0 | References: 4

OSV
added 2024/03/19 5:15 a.m., 0 views

UBUNTU-CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 6.8 | EPSS 0.00636
Exploits: 0 | References: 5

Cvelist
added 2024/03/19 4:32 a.m., 18 views

CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 5.8 | EPSS 0.00636
Exploits: 0 | References: 3

CVE
added 2024/03/19 4:32 a.m., 137 views

CVE-2024-22025

CVE-2024-22025 affects Node.js where fetch() decodes Brotli unconditionally, enabling resource exhaustion from untrusted URLs and potentially memory exhaustion or process termination. Connected sources confirm this DoS vector and indicate fixes in Node.js releases; Debian/AlmaLinux advisories enu...

CVSS 6.5 | AI score 5.8 | EPSS 0.00636
Exploits: 0 | References: 4

Vulnrichment
added 2024/03/19 4:32 a.m., 21 views

CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVSS 6.5 | AI score 6.7 | EPSS 0.00636
Exploits: 0 | References: 3

SUSE CVE
added 2024/03/19 3:44 a.m., 1 view

SUSE CVE-2022-41404

An issue in the fetch method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...

CVSS 7.5 | AI score 6.9 | EPSS 0.00786
Exploits: 1 | References: 3

CNNVD
added 2024/03/19 12:00 a.m., 1 view

Node.js Security Vulnerabilities

Node.js is an open source, cross-platform JavaScript runtime environment. A security vulnerability exists in Node.js that stems from the fetch function always decoding Brotli, exhausting resources and causing a denial of service...

CVSS 6.5 | AI score 6.7 | EPSS 0.00636
Exploits: 0 | References: 3

IBM Security Bulletins
added 2024/03/12 12:46 p.m., 46 views

Security Bulletin: There are multiple vulnerabilities in Go related packages that are shipped with IBM CICS TX Standard.

Summary There are multiple vulnerabilities in Go related packages that are shipped with IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: OpenSSH is vulnerable to a...

CVSS 7.5 | AI score 7.7 | EPSS 0.54214
Exploits: 3 | Affected Software: 1

CNNVD
added 2024/03/09 12:00 a.m., 3 views

WeasyPrint Security Vulnerability

WeasyPrint is an open-source solution from Kozea that helps web developers create PDF files. WeasyPrint versions 61.0 and 61.1 contain a security vulnerability that stems from allowing the contents of arbitrary files and URLs to be appended to the generated PDF document, even if...

CVSS 7.4 | AI score 6.8 | EPSS 0.00123
Exploits: 0 | References: 4

OSV
added 2024/03/06 10:52 a.m., 31 views

BIT-GITEA-2022-30781

Gitea before 1.16.7 does not escape git fetch remote...

CVSS 7.5 | AI score 7.5 | EPSS 0.86413
Exploits: 8 | References: 6

OSV
added 2024/03/06 10:52 a.m., 31 views

BIT-GIT-2022-25648 Command Injection

The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform...

CVSS 9.8 | AI score 9.8 | EPSS 0.05735
Exploits: 1 | References: 8

OSV
added 2024/03/06 7:15 a.m., 2 views

DEBIAN-CVE-2023-52593

In the Linux kernel, the following vulnerability has been resolved: wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Since 'ieee80211_beacon_get()' can return NULL, 'wfx_set_mfp_ap()' should check the return value before examining skb data. So convert the latter to return an appropriate err...

CVSS 5.5 | AI score 5.3 | EPSS 0.00014
Exploits: 0 | References: 1

RedHat Linux
added 2024/03/05 6:14 p.m., 2 views

golang: cmd/go: Protocol Fallback when fetching modules

A flaw was found in the Golang package cmd/go. This issue permits the fallback to insecure "git://" if trying to fetch a .git module that has no "https://" or "git+ssh://" available...

CVSS 7.5 | AI score 7.3 | EPSS 0.00055
Exploits: 0 | References: 5

RedhatCVE
added 2024/03/04 7:50 p.m., 23 views

CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page b7ee2000 - exploit attempt? uid: 0 BUG: Unable to handle kernel...

CVSS 4.4 | AI score 6.7 | EPSS 0.00018
Exploits: 0 | References: 4