8 matches found
Updated openvpn packages fix security vulnerabilities
CVE-2026-35058 - fix server ASSERT on receiving a suitably malformed packet with a valid tls-crypt-v2 key CVE-2026-40215 - fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances...
MGASA-2026-0126 Updated openvpn packages fix security vulnerabilities
CVE-2026-35058 - fix server ASSERT on receiving a suitably malformed packet with a valid tls-crypt-v2 key CVE-2026-40215 - fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances...
CVE-2026-27623
Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming requests, the Valkey system does not properly reset the networking...
PYSEC-2023-312
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command specifically, a SET command. NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this...
CVE-2022-38150
In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1...
varnish -- Denial of Service Vulnerability
Varnish Cache Project reports: A denial of service attack can be performed against Varnish Cache servers by specially formatting the reason phrase of the backend response status line. In order to execute an attack, the attacker would have to be able to influence the HTTP/1 responses that the...
Important: nodejs:12 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.16.1. Security Fixes: nodejs: HTTP request smuggling using malformed...
RLSA-2020:0579 Important: nodejs:10 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.19.0. Security Fixes: nodejs: HTTP request smuggling using malformed...