1507 matches found

OSV
added 2024/03/25 8:15 p.m., 3 views

DEBIAN-CVE-2024-29025

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The HttpPostRequestDecoder can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits ...

CVSS 5.3, AI score 6.8, EPSS 0.0138
Exploits: 1, References: 1
Exploit DB
added 2024/03/25 12:00 a.m., 403 views

Wallos < 1.11.2 - File Upload RCE

Exploit Title: Wallos - File Upload RCE (Authenticated). Date: 2024-03-04. Exploit Author: [email protected]. Vendor Homepage: https://github.com/ellite/Wallos. Software Link: https://github.com/ellite/Wallos. Version: 1.11.2. Tested on: Debian 12. Wallos allows you to upload an image/logo when you create...

AI score 7.4
Exploits: 0
Tenable Nessus
added 2024/03/21 12:00 a.m., 32 views

EulerOS Virtualization 2.11.0 : python-urllib3 (EulerOS-SA-2024-1435)

According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...

CVSS 8.1, AI score 6.9, EPSS 0.01207
Exploits: 0, References: 3
Veracode
added 2024/03/17 3:19 p.m., 23 views

Memory Exhaustion

go is vulnerable to Memory Exhaustion. The vulnerability is due to the lack of proper enforcement of limits on the total size of parsed form data, leading to unbounded memory consumption while reading a single form line...

CVSS 6.5, AI score 7, EPSS 0.01156
Exploits: 0, References: 8, Affected Software: 1
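The Netty entry (a decoder that accumulates data without limits) and the Go entry just above (no ceiling on total form size, unbounded memory while reading a single form line) describe the same class of defect in a multipart/form-data parser. The reader below is an added example written for this listing, not code from Go's net/http, Netty's HttpPostRequestDecoder or any other project in the results; it shows the three caps a practitioner wants such a parser to enforce while streaming a body: a maximum header-line length, a maximum per-part payload, and a maximum total read. The limit values, the `Part`/`BoundedReader` names and both sample bodies are constructed assumptions.

```python
"""Bounded multipart/form-data reader (added example, not project code).

Every read goes through _readline(limit), so no single line, part or body
can grow past its cap before the reader refuses it. MAX_LINE, MAX_PART,
MAX_TOTAL and the sample bodies are constructed assumptions.
"""
import io
from dataclasses import dataclass, field
from typing import BinaryIO, Dict, List

MAX_LINE = 4096       # assumed: longest header line we will buffer
MAX_PART = 1 << 20    # assumed: largest part payload kept in memory
MAX_TOTAL = 4 << 20   # assumed: most request-body bytes we will read at all


class MultipartLimitError(ValueError):
    """Raised as soon as a limit is hit, before more data is buffered."""


@dataclass
class Part:
    headers: Dict[str, str] = field(default_factory=dict)
    body: bytes = b""


class BoundedReader:
    def __init__(self, stream: BinaryIO, boundary: bytes):
        if not 1 <= len(boundary) <= 70:     # RFC 2046 boundary length
            raise MultipartLimitError("invalid boundary length")
        self.stream = stream
        self.delim = b"--" + boundary
        self.total = 0

    def _readline(self, limit: int) -> bytes:
        # readline(limit) never returns more than `limit` bytes, so an
        # over-long line comes back without its newline and is rejected
        # instead of being accumulated until memory runs out.
        line = self.stream.readline(limit)
        self.total += len(line)
        if self.total > MAX_TOTAL:
            raise MultipartLimitError("body exceeds MAX_TOTAL")
        if len(line) == limit and not line.endswith(b"\n"):
            raise MultipartLimitError("line exceeds %d bytes" % limit)
        return line

    def parts(self) -> List[Part]:
        out: List[Part] = []
        while True:                               # skip preamble
            line = self._readline(MAX_LINE)
            if not line:
                return out
            if line.rstrip(b"\r\n") == self.delim:
                break
        while True:
            part = Part()
            while True:                           # headers end at blank line
                line = self._readline(MAX_LINE)
                if not line:
                    raise MultipartLimitError("truncated part headers")
                line = line.rstrip(b"\r\n")
                if not line:
                    break
                name, sep, value = line.partition(b":")
                if not sep:
                    raise MultipartLimitError("malformed header line")
                key = name.strip().decode("latin-1").lower()
                part.headers[key] = value.strip().decode("latin-1")
            chunks: List[bytes] = []
            size = 0
            while True:                           # body runs to next delimiter
                line = self._readline(MAX_PART)
                if not line:
                    raise MultipartLimitError("truncated part body")
                marker = line.rstrip(b"\r\n")
                if marker in (self.delim, self.delim + b"--"):
                    break
                size += len(line)
                if size > MAX_PART:
                    raise MultipartLimitError("part exceeds MAX_PART")
                chunks.append(line)
            body = b"".join(chunks)
            # the CRLF before a delimiter belongs to the delimiter, not the body
            part.body = body[:-2] if body.endswith(b"\r\n") else body
            out.append(part)
            if marker.endswith(b"--"):
                return out


def parse(body: bytes, boundary: bytes) -> List[Part]:
    return BoundedReader(io.BytesIO(body), boundary).parts()


# Constructed sample: a text field followed by a small binary file.
SAMPLE_BODY = (
    b"--XyZ\r\n"
    b'Content-Disposition: form-data; name="field"\r\n\r\n'
    b"hello\r\n"
    b"--XyZ\r\n"
    b'Content-Disposition: form-data; name="file"; filename="a.bin"\r\n'
    b"Content-Type: application/octet-stream\r\n\r\n"
    b"\x00\x01\n\x02\r\n"
    b"--XyZ--\r\n"
)
# Constructed hostile sample: a header line that never ends.
HOSTILE_BODY = b"--XyZ\r\n" + b"X" * 100000 + b": v\r\n\r\n--XyZ--\r\n"


def limit_hit(body: bytes, boundary: bytes = b"XyZ") -> bool:
    """True if the reader refused the body by raising MultipartLimitError."""
    try:
        parse(body, boundary)
    except MultipartLimitError:
        return True
    return False
```

The check that matters is where the limit is applied: inside the read primitive, so a hostile line is refused after at most `limit` bytes rather than after the whole line has been buffered. `parse(SAMPLE_BODY, b"XyZ")` yields the two parts; `limit_hit(HOSTILE_BODY)` is true after reading only 4 KiB of the 100 KB header line.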
Tenable Nessus
added 2024/03/05 12:00 a.m., 32 views

RHEL 8 : libmicrohttpd (RHSA-2024:1109)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1109 advisory. GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote...

CVSS 5.9, AI score 6.7, EPSS 0.01243
Exploits: 1, References: 5
Tenable Nessus
added 2024/02/29 12:00 a.m., 23 views

CentOS 9 : libmicrohttpd-0.9.72-5.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libmicrohttpd-0.9.72-5.el9 build changelog. - GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the...

CVSS 5.9, AI score 6.6, EPSS 0.01243
Exploits: 1, References: 2
Github Security Blog
added 2024/02/12 5:28 p.m., 60 views

python-multipart vulnerable to Content-Type Header ReDoS

Summary: When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or...

CVSS 7.5, AI score 7.3, EPSS 0.01523
Exploits: 1, References: 10, Affected Software: 1
OSV
added 2024/02/12 5:28 p.m., 0 views

GHSA-2JV5-9R88-3W3P python-multipart vulnerable to Content-Type Header ReDoS

Summary: When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or...

CVSS 7.5, AI score 6.8, EPSS 0.01523
Exploits: 1, References: 10
RedHat Linux
added 2024/02/08 4:53 p.m., 8 views

rgw: improperly verified POST keys

A flaw was found in rgw. This flaw allows an unprivileged user to write to any buckets accessible by a given key if a POST's form-data contains a key called 'bucket' with a value matching the bucket's name used to sign the request. This issue results in a user being able to upload to any bucket...

CVSS 9.8, AI score 5.8, EPSS 0.02539
Exploits: 1, References: 5
Tenable Nessus
added 2024/02/08 12:00 a.m., 22 views

EulerOS 2.0 SP5 : libmicrohttpd (EulerOS-SA-2024-1146)

According to the versions of the libmicrohttpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the...

CVSS 5.9, AI score 6.7, EPSS 0.01243
Exploits: 1, References: 2
Github Security Blog
added 2024/02/05 5:01 p.m., 23 views

Duplicate Advisory: FastAPI Content-Type Header ReDoS

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-2jv5-9r88-3w3p. This link is maintained to preserve external references. Original Description: Summary: When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header,...

CVSS 7.5, AI score 7.5, EPSS 0.01523
Exploits: 1, References: 11, Affected Software: 1
OSV
added 2024/02/05 5:01 p.m., 0 views

GHSA-QF9M-VFGH-M389 Duplicate Advisory: FastAPI Content-Type Header ReDoS

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-2jv5-9r88-3w3p. This link is maintained to preserve external references. Original Description: Summary: When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header,...

CVSS 7.5, AI score 6.7, EPSS 0.01523
Exploits: 1, References: 11
Github Security Blog
added 2024/02/05 5:01 p.m., 17 views

Duplicate Advisory: Starlette Content-Type Header ReDoS

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-2jv5-9r88-3w3p. This link is maintained to preserve external references. Original Description: Summary: When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header,...

AI score 6.9
Exploits: 0, References: 4, Affected Software: 1
PyPA
added 2024/02/05 3:15 p.m., 6 views

PYSEC-2024-38

FastAPI is a web framework for building APIs with Python 3.8+ based on standard Python type hints. When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very...

CVSS 7.5, AI score 6.8, EPSS 0.01523
Exploits: 1, References: 4, Affected Software: 1
OSV
added 2024/02/05 3:15 p.m., 5 views

PYSEC-2024-38

FastAPI is a web framework for building APIs with Python 3.8+ based on standard Python type hints. When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very...

CVSS 7.5, AI score 6.7, EPSS 0.01523
Exploits: 1, References: 3
Positive Technologies
added 2024/02/05 12:00 a.m., 7 views

PT-2024-20540

Name of the Vulnerable Software and Affected Versions: python-multipart versions prior to 0.0.7; FastAPI version 0.109.0. Description: The vulnerability is related to a Regular Expression Denial of Service (ReDoS) in the python-multipart library, which is used by FastAPI to parse form data. An attacker...

CVSS 8.6, AI score 7, EPSS 0.01761
Exploits: 6, References: 44
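The python-multipart, FastAPI, Starlette, PYSEC-2024-38 and PT-2024-20540 entries above all describe one mechanism: the Content-Type header's options were parsed with a regular expression, and a crafted option makes that regex backtrack for minutes. The fix a practitioner wants to see is a parser whose cost cannot depend on the option's shape. The parser below is an added example written for this listing, not python-multipart's, FastAPI's or Starlette's code, and the regex those projects used is not reproduced here; it walks the header once and never retries an earlier position, so a header of N characters costs O(N) regardless of how the quoting is arranged. `MAX_HEADER_LEN`, the function names and the hostile sample header are constructed assumptions.

```python
"""Linear-time Content-Type parameter parser (added example, not project code).

Token and quoted-string values are handled with a single forward scan
(backslash escapes honoured, as in RFC 9110 section 5.6.4); malformed
parameters are dropped rather than retried, so there is no backtracking.
MAX_HEADER_LEN and HOSTILE_HEADER are constructed assumptions.
"""
from typing import Dict, Tuple

MAX_HEADER_LEN = 16384  # assumed cap: refuse absurd headers before parsing


def parse_content_type(header: str) -> Tuple[str, Dict[str, str]]:
    """Return (media_type, params) for a Content-Type field value."""
    if len(header) > MAX_HEADER_LEN:
        raise ValueError("Content-Type header too long")
    n = len(header)
    semi = header.find(";")
    if semi < 0:
        return header.strip().lower(), {}
    media_type = header[:semi].strip().lower()
    params: Dict[str, str] = {}
    i = semi + 1
    while i < n:
        while i < n and header[i] in " \t;":      # skip separators
            i += 1
        if i >= n:
            break
        start = i
        while i < n and header[i] not in "=;":    # parameter name
            i += 1
        name = header[start:i].strip().lower()
        if i >= n or header[i] == ";":            # name without '=': drop it
            continue
        i += 1                                    # consume '='
        while i < n and header[i] in " \t":
            i += 1
        if i < n and header[i] == '"':            # quoted-string value
            i += 1
            buf = []
            while i < n and header[i] != '"':
                if header[i] == "\\" and i + 1 < n:
                    i += 1                        # escaped character
                buf.append(header[i])
                i += 1
            value = "".join(buf)
            i += 1                                # closing quote
            while i < n and header[i] != ";":     # junk after the quote: skip
                i += 1
        else:                                     # token value
            start = i
            while i < n and header[i] != ";":
                i += 1
            value = header[start:i].strip()
        if name:
            params[name] = value
    return media_type, params


# Constructed hostile header: a boundary built from thousands of escaped
# quotes, the shape of input that makes a backtracking regex crawl. This
# parser consumes it in one pass.
HOSTILE_HEADER = 'multipart/form-data; boundary="' + '\\"' * 5000 + 'x"'


def boundary_of(header: str) -> str:
    """The boundary parameter of a Content-Type value, or '' if absent."""
    return parse_content_type(header)[1].get("boundary", "")
```

A quick regression check for any replacement parser is exactly the hostile case: `boundary_of(HOSTILE_HEADER)` should return immediately with the 5001-character boundary, and the same call against the old regex-based parser is what the advisories say stalls.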
wpexploit
added 2024/02/02 12:00 a.m., 211 views

JobSearch WP Job Board < 2.3.4 - Arbitrary File Upload to RCE

Description: The plugin does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server. Navigate to the site, and paste the following in your browser's console: fetch('/wp-admin/admin-ajax.php', { method: 'POST', headers:...

AI score 7.2, EPSS 0.00602
Exploits: 2
GithubExploit
added 2024/01/31 4:58 p.m., 370 views

Exploit for Incorrect Authorization in Miniorange Web3 - Crypto Wallet Login & NFT Token Gating

CVE-2023-6036 POC about WordPress plugin Web3 – Crypto wallet...

CVSS 9.8, AI score 6.7, EPSS 0.01773
Exploits: 3
Tenable Nessus
added 2024/01/30 12:00 a.m., 31 views

RHEL 8 : libmicrohttpd (RHSA-2024:0584)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0584 advisory. GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote...

CVSS 5.9, AI score 6.7, EPSS 0.01243
Exploits: 1, References: 5
Tenable Nessus
added 2024/01/29 12:00 a.m., 32 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : Ceph vulnerability (USN-6613-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6613-1 advisory. Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An unprivileged user could use th...

CVSS 9.8, AI score 6.9, EPSS 0.02539
Exploits: 1, References: 2