14 matches found
EUVD-2023-1057
Malicious code in bioql PyPI...
CVE-2023-28846
Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. This issue affects Rails applications that operate as an upstream of a load...
Hypermedia and Browser Enhancement
Front end development these days is dominated by large JavaScript client side frameworks. There are plenty of good reasons for that, but it can be very inefficient for many use cases, and the framework engineering has become extremely complex. In this article, I want to explore a different...
Denial Of Service (DoS)
Unpoly-rails is vulnerable to Denial Of Service. The vulnerability exists due to the use of the request URL as an X-Up-Location response header in requestechoheaders.rb which allows an attacker to cause an application crash through a malicious input...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when echoing the request URL as an X-Up-Location response header. By making a request with an exceedingly long URL path or query string, an attacker can cause unpoly-rails to write an exceedingly large response heade...
GHSA-M875-3XF6-MF78 unpoly-rails Denial of Service vulnerability
There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. Impact: This issue affects Rails applications that operate as an upstream of a load balancer that uses passive health checks. The unpoly-rails gem...
unpoly-rails Denial of Service vulnerability
There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. Impact: This issue affects Rails applications that operate as an upstream of a load balancer that uses passive health checks. The unpoly-rails gem...
Design/Logic Flaw
Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. This issue affects Rails applications that operate as an upstream of a load...
CVE-2023-28846
CVE-2023-28846 affects the unpoly-rails gem used with Rails. The DoS arises when echoing the request URL in the X-Up-Location header: crafted requests with extremely long URLs can produce an oversized header, which may cause a downstream load balancer to remove the upstream from the pool, making ...
CVE-2023-28846 Denial of Service in unpoly-rails
Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. This issue affects Rails applications that operate as an upstream of a load...
CVE-2023-28846 Denial of Service in unpoly-rails
Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. This issue affects Rails applications that operate as an upstream of a load...
CVE-2023-28846 Denial of Service in unpoly-rails
Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. This issue affects Rails applications that operate as an upstream of a load...
Unpoly Resource Management Error Vulnerability
Unpoly is a JavaScript framework for server-side web applications. A resource management error vulnerability exists in Unpoly versions prior to 2.7.2.2, which stems from the presence of a denial of service (DoS) vulnerability...
unpoly-rails Denial of Service vulnerability
There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. Impact: This issue affects Rails applications that operate as an upstream of a load balancer that uses passive health checks. The unpoly-rails gem...