91 matches found
Mageia: Security Advisory (MGASA-2022-0182)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2022-0182 Updated python-waitress packages fix security vulnerability
When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-en...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 (python-waitress) security update
An update for python-waitress is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (python-waitress) security update
An update for python-waitress is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-waitress) security update
An update for python-waitress is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : Red Hat OpenStack Platform 16.1 (python-waitress) (RHSA-2022:1254)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1254 advisory. Pure-python WSGI server Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' CVE-2022-24761 For more details about t...
RHEL 8 : Red Hat OpenStack Platform 16.2 (python-waitress) (RHSA-2022:1253)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1253 advisory. Pure-python WSGI server Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' CVE-2022-24761 For more details about t...
AZL-43984 CVE-2022-24761 affecting package python-waitress 1.4.4-7
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and...
AZL-45060 CVE-2022-24761 affecting package python-waitress for versions less than 3.0.1-1
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and...
Mageia: Security Advisory (MGASA-2020-0083)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : python-waitress (openSUSE-2020-1911)
This update for python-waitress to 1.4.3 fixes the following security issues : - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling through...
openSUSE Security Update : python-waitress (openSUSE-2020-1922)
This update for python-waitress to 1.4.3 fixes the following security issues : - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling through...
OPENSUSE-SU-2020:1922-1 Security update for python-waitress
This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling through...
OPENSUSE-SU-2020:1911-1 Security update for python-waitress
This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling through...
Security update for python-waitress (moderate)
openSUSE Security Update: Security update for python-waitress Announcement ID: openSUSE-SU-2020:1911-1 Rating: moderate References: 1160790 1161088 1161089 1161670 Cross-References: CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 Affected Products: openSUSE Leap 15.2 An update that...
Security update for python-waitress (moderate)
openSUSE Security Update: Security update for python-waitress Announcement ID: openSUSE-SU-2020:1922-1 Rating: moderate References: 1160790 1161088 1161089 1161670 Cross-References: CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 Affected Products: openSUSE Leap 15.1 An update that...
SUSE-SU-2020:3292-1 Security update for python-waitress
This update for python-waitress to version 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling...
SUSE-SU-2020:3269-1 Security update for python-waitress
This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling through...
EulerOS Virtualization for ARM 64 3.0.6.0 : python-waitress (EulerOS-SA-2020-2049)
According to the versions of the python-waitress package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string valu...