5 matches found
Astra Linux – Vulnerability in golang-golang-x-net
A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which can be manipulated by...
DEBIAN-CVE-2024-56565
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all discards after creating snapshot on lvm device Piergiorgio reported a bug in bugzilla as below: ------------ cut here ------------ WARNING: CPU: 2 PID: 969 at fs/f2fs/segment.c:1330 RIP:...
UBUNTU-CVE-2024-56565
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all discards after creating snapshot on lvm device Piergiorgio reported a bug in bugzilla as below: ------------ cut here ------------ WARNING: CPU: 2 PID: 969 at fs/f2fs/segment.c:1330 RIP:...
PT-2023-2198 · Golang +11 · Net/Http +12
Name of the Vulnerable Software and Affected Versions: GoLang net/http and mime/multipart affected versions not specified Description: A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can...
AZL-13029 CVE-2022-41721 affecting package opa for versions less than 0.50.2-5
A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be...