6 matches found
Denial Of Service (DoS)
blaze-server is vulnerable to denial of service DoS. The vulnerability exists through the unbounded connection acceptance in the NIO1SocketServerGroup that leads to the exhaustion of file handles...
Denial Of Service (DoS)
blaze-core is vulnerable to denial of service DoS. The vulnerability exists through the unbounded connection acceptance in the NIO1SocketServerGroup that leads to the exhaustion of file handles...
CVE-2021-21293
blaze is a Scala library for building asynchronous pipelines, with a focus on network IO. All servers running blaze-core before version 0.14.15 are affected by a vulnerability in which unbounded connection acceptance leads to file handle exhaustion. Blaze, accepts connections unconditionally on a...
Design/Logic Flaw
blaze is a Scala library for building asynchronous pipelines, with a focus on network IO. All servers running blaze-core before version 0.14.15 are affected by a vulnerability in which unbounded connection acceptance leads to file handle exhaustion. Blaze, accepts connections unconditionally on a...
CVE-2021-21294 Unbounded connection acceptance in http4s-blaze-server
Http4s http4s-blaze-server is a minimal, idiomatic Scala interface for HTTP services. Http4s before versions 0.21.17, 0.22.0-M2, and 1.0.0-M14 have a vulnerability which can lead to a denial-of-service. Blaze-core, a library underlying http4s-blaze-server, accepts connections unboundedly on its...
CVE-2021-21293 Unbounded connection acceptance leads to file handle exhaustion
blaze is a Scala library for building asynchronous pipelines, with a focus on network IO. All servers running blaze-core before version 0.14.15 are affected by a vulnerability in which unbounded connection acceptance leads to file handle exhaustion. Blaze, accepts connections unconditionally on a...