7 matches found
php:8.2 security update
An update is available for module.php, module.php-pear, module.php-pecl-apcu, php-pecl-rrd, module.php-pecl-xdebug3, php, php-pear, php-pecl-zip, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug3, module.libzip, libzip. This update affects Rocky Linux 8. A Common...
EUVD-2023-0004
Malicious code in bioql PyPI...
OESA-2025-1250 python-aiohttp security update
Async http client/server framework asyncio. Security Fixes: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. The HTTP parser in AIOHTTP has numerous problems with header parsing, which could lead to request smuggling. This parser is only used when AIOHTTPNOEXTENSION...
USN-7031-2: Puma vulnerability
USN-7031-1 fixed CVE-2024-45614 in Puma for Ubuntu 24.04 LTS. This update fixes the CVE for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite heade...
MGASA-2024-0123 Updated ruby-rack packages fix security vulnerabilities
Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability ReDos 2nd degree polynomial. CVE-2024-25126 Carefully crafted Range headers can cause a server to respond with an unexpectedly large...
PT-2023-8839 · Aiohttp +5 · Aiohttp +5
Name of the Vulnerable Software and Affected Versions: aiohttp versions prior to 3.8.6 Description: The HTTP parser in aiohttp has numerous problems with header parsing, which could lead to request smuggling. This issue is related to the handling of Content-Length values, improper handling of NUL...
CVE-2022-35256
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling...