5 matches found
CVE-2026-47071
Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackneysocks5.erl correctly applies the caller-supplied timeout to the SOCKS5 negotiation phase, but then upgrades the connection to TLS using the two-argument form ssl:connect/2, which...
CVE-2026-47071
Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackneysocks5.erl correctly applies the caller-supplied timeout to the SOCKS5 negotiation phase, but then upgrades the connection to TLS using the two-argument form ssl:connect/2, which...
CVE-2026-47071
Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackneysocks5.erl correctly applies the caller-supplied timeout to the SOCKS5 negotiation phase, but then upgrades the connection to TLS using the two-argument form ssl:connect/2, which...
CVE-2026-47071
The vulnerability CVE-2026-47071 affects benoitc hackney (from 0.10.0 up to 4.0.0). The SOCKS5 transport (src/hackney_socks5.erl) forwards the caller timeout through SOCKS5 negotiation but upgrades to TLS with ssl:connect/2, which defaults to an infinite timeout. The Timeout in scope at the call ...
GO-2026-4488 webtransport-go: CloseWithError can block indefinitely in github.com/quic-go/webtransport-go
webtransport-go: CloseWithError can block indefinitely in github.com/quic-go/webtransport-go...