EUVD-2024-51926

Malicious code in bioql PyPI...

BIT-ENVOY-2024-53271 HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to...

CVE-2024-53271

A flaw was found in Envoy. In affected versions, Envoy does not properly handle certain HTTP 1.1 responses. Specially-crafted requests may trigger failures or application crashes in networked devices, leading to a denial of service...

CVE-2024-53271 HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to...

CVE-2024-53271

Envoy exposure CVE-2024-53271 affects the Envoy proxy where certain HTTP/1.1 non-101 1xx responses are not handled properly, causing downstream failures in networked devices. The issue has been fixed in releases 1.31.5 and 1.32.3. Public references across multiple feeds (Red Hat, SUSE, NVD, OSV, ...

CVE-2024-53271 HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to...

GHSA-3J4H-H3FP-VWWW LNbits improperly handles potential network and payment failures when using Eclair backend

Summary Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. Details Using blocking: true on the API call will lead to a timeout error if a payment does not get settled in the 30s...

CVE-2021-32755 Certificate pinning is not enforced on the web socket connection

Wire is a collaboration platform. wire-ios-transport handles authentication of requests, network failures, and retries for the iOS implementation of Wire. In the 3.82 version of the iOS application, a new web socket implementation was introduced for users running iOS 13 or higher. This new...

Multiple Vendor ICMP Implementation Malformed Path MTU DoS

No description provided by source. source: http://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine certain automatic actions...

Multiple Vendor ICMP Message Handling - Denial of Service

source: https://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine certain automatic actions to take based on network failures...