4 matches found
EUVD-2012-4339
Malware in sbrugna...
PT-2023-14021 · Google +1 · Golang.Org/X/Net/Http2/H2C +1
Name of the Vulnerable Software and Affected Versions: golang.org/x/net/http2/h2c affected versions not specified Description: A request smuggling attack is possible when using MaxBytesHandler. The body of an HTTP request is not fully consumed, and when the server attempts to read HTTP2 frames fr...
Denial of Service in subtext
All versions of subtext are vulnerable to Denial of Service DoS. The package fails to enforce the maxBytes configuration for payloads with chunked encoding that are written to the file system. This allows attackers to send requests with arbitrary payload sizes, which may exhaust system resources...
GHSA-2MVQ-XP48-4C77 Denial of Service in subtext
All versions of subtext are vulnerable to Denial of Service DoS. The package fails to enforce the maxBytes configuration for payloads with chunked encoding that are written to the file system. This allows attackers to send requests with arbitrary payload sizes, which may exhaust system resources...