undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

SUSE CVE-2024-28869

Traefik is an HTTP reverse proxy and load balancer. In affected versions sending a GET request to any Traefik endpoint with the "Content-length" request header results in an indefinite hang with the default configuration. This vulnerability can be exploited by attackers to induce a denial of...

April 9, 2024—KB5036910 (OS Build 25398.830)

April 9, 2024—KB5036910 OS Build 25398.830 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

The vulnerability of the ApiPageSet.php file of the software for implementing the MediaWiki hypertext environment allows a hacker to cause a service failure.

The vulnerability of the ApiPageSet.php file of the software for implementing the MediaWiki hypertext environment is related to an unlimited loop. When requesting this file, a RequestTimeoutException occurs, and the request is redirected to other options with specified redirections and converted...

ibc-go: Potential Reentrancy using Timeout Callbacks in ibc-hooks

Name: ASA-2024-007: Potential Reentrancy using Timeout Callbacks in ibc-hooks Component: ibc-go Criticality: Critical ACMv1: I:Critical; L:AlmostCertain Affected versions: v4.6.0, v5.4.0, v6.3.0, v7.4.0, v8.2.0 Affected users: Chain Builders + Maintainers Summary Through the deployment and...

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

NITRO API commands not working, request times out.

NITRO API endpoint is not working, the requests sent to the NSIP timeout without a response...

Medium: kernel

Issue Overview: A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. CVE-2023-52434 In the Linux kernel, the following vulnerabili...

Tukaani XZ Utils Installed (Linux / Unix)

Binary data xzutilsnixinstalled.nbin...

SUSE CVE-2023-52620

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters...

SUSE CVE-2024-26642

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSETEVAL to ensure legacy meters still work...

CVE-2024-26642

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSETEVAL to ensure legacy meters still work...

CVE-2023-52620

A vulnerability was found in netfilter/nftables componets of Linux Kernel allows an userspace to set timeouts for anonymous sets, which are not intended to be used this way. This could lead to unexpected behaviour or security issues. Mitigation Red Hat has investigated whether a possible mitigati...

CVE-2023-52620

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters...

DEBIAN-CVE-2023-52620

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters...

UBUNTU-CVE-2024-26642

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSETEVAL to ensure legacy meters still work...

CVE-2024-26643

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released fr...

CVE-2024-26643 netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released fr...