91 matches found
GO-2025-3498 Goroutine Leak in Abacus SSE Implementation in github.com/jasonlovesdoggo/abacus
Goroutine Leak in Abacus SSE Implementation in github.com/jasonlovesdoggo/abacus...
CVE-2025-27421
Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events SSE implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources...
Goroutine Leak in Abacus SSE Implementation
Goroutine Leak in Abacus SSE Implementation Summary A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events SSE implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and...
CVE-2025-27421 Goroutine Leak in Abacus SSE Implementation
Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events SSE implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources...
CVE-2025-27421
CVE-2025-27421 describes a goroutine leak in Abacus SSE: when clients disconnect from /stream, the server fails to clean up resources and terminate goroutines, causing resource exhaustion and eventual inability to accept new SSE connections with high memory usage. The fixed version is Abacus v1.4...
CVE-2025-27421 Goroutine Leak in Abacus SSE Implementation
Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events SSE implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources...
CVE-2025-27421 Goroutine Leak in Abacus SSE Implementation
Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events SSE implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources...
Abacus 安全漏洞
Abacus is a highly extensible and stateless counting API by Jason Cameron Personal Developer. A security vulnerability exists in Abacus versions prior to 1.4.0 that stems from a goroutine leak in the Server-Sent Events implementation...
Security update for etcd
This update for etcd fixes the following issues: Security Update to version 3.5.18: Ensure all goroutines created by StartEtcd to exit before closing the errc mvcc: restore tombstone index if it's first revision Bump go toolchain to 1.22.11 Avoid deadlock in etcd.Close when stopping during...
PT-2025-19693 · Opensuse · Etcd
This update for etcd fixes the following issues: Security Update to version 3.5.18: Ensure all goroutines created by StartEtcd to exit before closing the errc mvcc: restore tombstone index if it's first revision Bump go toolchain to 1.22.11 Avoid deadlock in etcd.Close when stopping during...
SUSE CVE-2024-39721
An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely even after the HTTP request is aborted...
CVE-2024-39721
An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely even after the HTTP request is aborted...
CVE-2024-39721
An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely even after the HTTP request is aborted...
CVE-2024-39721
An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely even after the HTTP request is aborted...
Ollama 安全漏洞
Ollama is a large language model that can be started and run locally from the Ollama open source. A security vulnerability exists in Ollama versions prior to 0.1.34, which stems from the CreateModelHandler function reading a file using os.Open, where the req.Path parameter can be controlled by th...
CVE-2024-39721
Ollama
CVE-2024-39721
An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely even after the HTTP request is aborted...
USN-7061-1 golang-1.17 vulnerabilities
Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. CVE-2023-24531 Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not...
AZL-31310 CVE-2023-39325 affecting package golang for versions less than 1.20.7-2
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
GHSA-PPJG-V974-84CM Go-Ethereum vulnerable to denial of service via malicious p2p message
Impact A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. Details The p2p handler spawned a new goroutine to respond to ping requests. By flooding a node with ping requests, an unbounded number of goroutin...