pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...

Denial of Service in pyasn1 via Unbounded Recursion

Summary The pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. This...

Security update for libtasn1

This update for libtasn1 fixes the following issues: CVE-2024-12133: Fixed potential DoS in handling of numerous SEQUENCE OF or SET OF elements bsc1236878 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Denial Of Service (DoS)

Mutt is vulnerable to denial of service. An out-of-bounds read in imap/util.c where an IMAP sequence set ends with a comma could result in disclosure of confidential information or an application crash...

CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

PT-2021-4065 · Neomutt +4 · Neomutt +4

Name of the Vulnerable Software and Affected Versions: Mutt versions 1.11.0 through 2.0.x before 2.0.7 NeoMutt versions 2019-10-25 through 2021-05-04 Description: The issue is related to incorrect handling of an IMAP sequence set that ends with a comma in the imap/util.c component of Mutt and...

Denial Of Service (DoS0

qpid-cpp-mrg is vulnerable to denial of service DoS attacks. The vulnerability exists as the qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service daemon crash via an AMQP message with 1 an invalid range in a sequence set, 2 content-bearing...

CVE-2015-0203

The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service daemon crash via an AMQP message with 1 an invalid range in a sequence set, 2 content-bearing methods other than message-transfer, or 3 a session-gap control before a corresponding...

Design/Logic Flaw

The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service daemon crash via an AMQP message with 1 an invalid range in a sequence set, 2 content-bearing methods other than message-transfer, or 3 a session-gap control before a corresponding...

CVE-2015-0203

The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service daemon crash via an AMQP message with 1 an invalid range in a sequence set, 2 content-bearing methods other than message-transfer, or 3 a session-gap control before a corresponding...

CVE-2015-0224

qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service daemon crash via a crafted protocol sequence set. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0203...

qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)

A flaw was found in the way the Qpid daemon qpidd processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set that could use this flaw to crash qpidd...

qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)

A flaw was found in the way the Qpid daemon qpidd processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set that could use this flaw to crash qpidd...