2156 matches found
The vulnerability of the reverse proxy server Yet Another Reverse Proxy (YARP) from Microsoft, which stems from insufficient input validation, allows attackers to induce service failures.
The vulnerability of the reverse proxy server, Yet Another Reverse Proxy YARP from Microsoft, is related to insufficient input validation. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
CVE-2022-31028
MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections...
Design/Logic Flaw
MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections...
CVE-2022-31028 Possible DDOS by establishing keep-alive connections with anonymous HTTP clients in MinIO
MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections...
CVE-2022-31028 Possible DDOS by establishing keep-alive connections with anonymous HTTP clients in MinIO
MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections...
CVE-2022-31028 Possible DDOS by establishing keep-alive connections with anonymous HTTP clients in MinIO
MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections...
PT-2022-20472 · Minio +1 · Minio +1
Name of the Vulnerable Software and Affected Versions: MinIO versions RELEASE.2019-09-25T18-25-51Z through RELEASE.2022-06-02T02-11-04Z Description: The issue is related to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections...
Uncaught Exception (due to a data race) leads to process termination in Waitress
Impact Waitress may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing the entire application to be killed. Patches This issue has been fixed in Waitress 2.1.2 ...
Security Bulletin: Vulnerability in Nginx affects IBM Cloud Private and could allow a remote attacker to obtain sensitive information (177988)
Summary There is a vulnerability in the Nginx open source component. Nginx is used by IBM Cloud Private as a reverse proxy. The vulnerability could allow a remote attacker to obtain sensitive information. This bulletin identifies the security fixes to apply to address the Nginx vulnerability 1779...
CVE-2022-31015
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
CVE-2022-31015
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
Code injection
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
PYSEC-2022-205
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
CVE-2022-31015 Uncaught Exception (due to a data race) leads to process termination in Waitress
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
CVE-2022-31015
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
CVE-2022-31015
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
PT-2022-20460 · Pypi · Waitress
Name of the Vulnerable Software and Affected Versions: Waitress versions 2.1.0 through 2.1.1 Description: Waitress is a Web Server Gateway Interface server for Python 2 and 3. The issue arises when a thread closes a socket while the main thread is about to call select, leading to the main thread...
Hakoriginfinder - Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs!
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How does it work? This tool will first make a HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide vi...
CVE-2009-1890
...
GHSA-C8RQ-CRXJ-MJ9M Async-h1 request smuggling possible with long unread bodies
An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...