Internet Bug Bounty: Controllable read beyond bounds in lua_websocket_readbytes() [zhbug_httpd_126]

Greetings. I have found a read-beyond-bounds bug in luawebsocketreadbytes that permits an attacker to exfiltrate a controllable amount of heap data if the victim site runs a suitable LUA program. The bug is due to misuse of apgetbrigade and aprbucketread. The following code from v2.4.53 assumes...

UBUNTU-CVE-2020-10933

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...