Unity Linux 20.1050e / 20.1070e Security Update: python-waitress (UTSA-2026-016504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016504 advisory. Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call...

EUVD-2004-1496

Malware in sbrugna...

EUVD-2011-1783

Malware in sbrugna...

EUVD-2010-4644

Malware in sbrugna...

EUVD-2024-0188

Malicious code in bioql PyPI...

GHSA-RV78-QQRQ-73M5 Directus's S3 assets become unavailable after a burst of HEAD requests

Summary There's some tools that use Directus to sync content and assets. Some of those tools use HEAD method, like Shopify, to check the existence of files. Although, when making many HEAD requests at once, at some point, all assets are being served as 403. Details When I was investigating this...

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

SUSE CVE-2024-49769

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

PYSEC-2024-211

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

DEBIAN-CVE-2024-49769

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

PYSEC-2024-211

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

AZL-51822 CVE-2024-49769 affecting package python-waitress 1.4.4-7

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

CVE-2024-49769

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

spice-vdagent: possibility to exhaust file descriptors in vdagentd

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. This flaw allows any unprivileged local guest user to prevent legitimate agents from connecting to the...

GHSA-XMW9-Q7X9-J5QC Unbounded connection acceptance leads to file handle exhaustion

Impact All servers running blaze-core = 0.14.14, including blaze-http and http4s-blaze-server users, are affected. Blaze, accepts connections unconditionally on a dedicated thread pool. This has the net effect of amplifying degradation in services that are unable to handle their current request...

PT-2020-5625 · Red Hat +3 · Ceph +3

Name of the Vulnerable Software and Affected Versions: Ceph affected versions not specified Description: A flaw in the Ceph RGW Beast front-end's handling of unexpected disconnects allows an authenticated attacker to make multiple disconnect attempts, resulting in a permanent leak of a socket...

Design/Logic Flaw

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond...

CVE-2017-3144 Failure to properly clean up closed OMAPI connections can exhaust available sockets

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond...