18 matches found
Astra Linux - vulnerability in samba
A flaw was discovered in Samba. Spaces used in a string surrounding a domain name can, when ignored, cause invalid DN strings to write a zero-byte into out-of-bounds memory, resulting in a crash. The greatest threat of this vulnerability is to system availability...
Node.js security vulnerability
Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. There is a security vulnerability in Node.js, which stems from improper handling of URLs. When the url.format function is called with an internationalized domain name containing invalid...
CVE-2026-4438 gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...
BIT-PYTHON-2025-0938 URL parser allowed square brackets in domain names
The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...
CVE-2025-0938
A flaw was found in Python. The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that included square brackets, which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs...
CVE-2025-0938
The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...
CVE-2025-0938 URL parser allowed square brackets in domain names
The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...
CVE-2025-0938
Summary (CVE-2025-0938): The issue arises in Python’s standard library URL parsing, where urllib.parse.urlsplit/urlparse accepted domain names containing square brackets, contrary to RFC 3986. This leads to differential parsing between Python’s parser and other RFC-compliant parsers. The connecte...
PSF-2025-1
The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...
Open Redirect
Overview: Affected versions of this package are vulnerable to Open Redirect through the X-Forwarded-Host header. If the value of the header is prefixed with an invalid domain character, for example a /, it is always accepted as the actual host of that request. Since this host is used for all url...
CVE-2021-23386
Remote memory exposure vulnerability was found in nodejs dns-packet library. The buffers created with allocUnsafe are not always filled before forming the network packets and an attacker can use this vulnerability to potentially get access to internal application memory over non encrypted network...
Denial Of Service (DoS)
samba is vulnerable to denial of service (DoS). A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash...
USN-4611-1 samba vulnerabilities
Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. (CVE-2020-14318) Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...
Error: "Cannot complete your request" when logging in to the Storefront with SAML.
When logging in to the Storefront with SAML authentication, the error "Cannot complete your request" appears. Storefront error: Event ID 6: CitrixAGBasic single sign-on failed because the supplied domain: domain.com is invalid. This has two main causes, either; The single sign-on domain specified in the session...
SUSE-SU-2020:1803-1 Security update for squid
This update for squid fixes the following issues: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake (bsc#1173304). - CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi (bsc#1167373)...
Could not sign CSR Caused by: java.io.IOException: Could not obtain certificate (template=XenmobileTest). Reason: The format of the specified domain name is invalid. 0x800704bc (WIN32: 1212)
After configuring Client Certificate Authentication for XMS, you do not see an issued certificate on the Issuing Server. 2016-08-18T12:49:32.19+0200 | | ERROR | http-nio-10443-exec-8 | EWSession | Exception on certificate issuer com.zenprise.zdm.pki.spi.IssuingServiceException: Could not sign C...
Apache Reverse Proxy Bypass Vulnerability Scanner
Scan for poorly configured reverse proxy servers. By default, this module attempts to force the server to make a request with an invalid domain name. Then, if the bypass is successful, the server will look it up and of course fail, then respond with a status code 502. A baseline status code is...
DEBIAN-CVE-2003-0688
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data...