3 matches found
Astra Linux – Vulnerability in ruby-websocket-extensions
The websocket-extensions Ruby module before version 0.1.5 allowed Denial of Service DoS attacks through Regex backtracking. The extension parser could take quadratic time when parsing a header containing an unclosed string parameter value whose content was a repeated two-byte sequence of a...
The vulnerability of the __dst_negative_advice() function in the Linux operating system’s IPv4 kernel protocol allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dstnegativeadvice function in the include/net/sock.h module of the Linux operating system’s IPv4 kernel implementation is related to the reutilization of previously freed memory due to competitive access to resources race condition. Exploiting this vulnerability could all...
PT-2023-27364 · Unknown · Async-Sockets-Cpp
Name of the Vulnerable Software and Affected Versions: async-sockets-cpp versions 0.3.1 and earlier Description: The issue is a stack-based buffer overflow in the ReceiveFrom and Receive functions in udpsocket.hpp when processing malformed UDP packets. This occurs in the async-sockets-cpp library...