2083 matches found
PT-2023-33549 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: The issue is related to an infinite loop in tracing read pipe on overflowed print trace line. This problem was introduced in version v2.6.27 and is fixed in Linux Kernel version v6.0.18. The...
Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe
...
GHSA-7RRJ-XR53-82P7 Tokio reject_remote_clients configuration may get dropped when creating a Windows named pipe
Impact When configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured rejectremoteclients to true, this effectively undoes the configuration. This also applies if rejectremoteclients is not explicitly set as thi...
Tokio reject_remote_clients configuration may get dropped when creating a Windows named pipe
Impact When configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured rejectremoteclients to true, this effectively undoes the configuration. This also applies if rejectremoteclients is not explicitly set as thi...
DEBIAN-CVE-2023-22466
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
CVE-2023-22466
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
Code injection
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
UBUNTU-CVE-2023-22466
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
CVE-2023-22466
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
CVE-2023-22466 Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
CVE-2023-22466 Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
CVE-2023-22466
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
CVE-2023-22466 Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting pipemode will reset rejectremoteclients to false. If the application has previously configured...
CVE-2023-22466
Tokio (Rust) prior to v1.18.4, v1.20.3, and v1.23.1, and the 1.7.0–1.18.x range, has a Windows named pipe setting bug: when configuring pipe_mode for a named pipe server, reject_remote_clients is reset to false, undoing any prior true setting. This can allow remote clients access to the named pip...
Exploit for Improper Initialization in Linux Linux_Kernel
Dirty-Pipe-CVE-2022-0847-POCs - Author: Max Kellermann max.kel...
RUSTSEC-2023-0001 reject_remote_clients Configuration corruption
On Windows, configuring a named pipe server with pipemode will force ServerOptions::rejectremoteclients as false. This drops any intended explicit configuration for the rejectremoteclients that may have been set as true previously. The default setting of rejectremoteclients is normally true meani...
reject_remote_clients Configuration corruption
On Windows, configuring a named pipe server with pipemode will force ServerOptions::rejectremoteclients as false. This drops any intended explicit configuration for the rejectremoteclients that may have been set as true previously. The default setting of rejectremoteclients is normally true meani...
PT-2023-18518 · Tokio · Tokio
Name of the Vulnerable Software and Affected Versions: Tokio versions 1.7.0 through 1.18.3 Tokio versions 1.18.4 through 1.20.2 Tokio versions 1.20.3 through 1.23.0 Description: When configuring a Windows named pipe server, setting pipe mode will reset reject remote clients to false. If the...
aluminum-pipe.com Cross Site Scripting vulnerability OBB-3118210
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-36221
Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to read any named pipe file on the system...