3 matches found
GHSA-9398-5GHF-7PR6 conduit-hyper vulnerable to Denial of Service from unchecked request length
Prior to version 0.4.2, conduit-hyper did not check any limit on a request's length before calling hyper::body::tobytes. An attacker could send a malicious request with an abnormally large Content-Length, which could lead to a panic if memory allocation failed for that request. In version 0.4.2,...
High-Severity RCE Bug Found in Popular Apache Cassandra Database
Researchers have shared details about a now-patched, high-severity security bug in the Apache Cassandra open-source NoSQL distributed database that’s easy to exploit and, if left unpatched, could enable attackers to gain remote code execution RCE. The bug, which involves how Cassandra creates...
[SECURITY] [DSA 5076-1] h2database security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5076-1 [email protected] https://www.debian.org/security/ Markus Koschany February 15, 2022 https://www.debian.org/security/faq -...