3 matches found
Server-side Request Forgery (SSRF)
Overview johnbillion/wp-crontrol is a package that allows you to take control of the cron events on your WordPress website. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the wpremoterequest function. An attacker can send arbitrary HTTP requests from the...
Denial of Service (DoS)
Overview apple/swift-nio-http2 is a HTTP/2 support for SwiftNIO. Affected versions of this package are vulnerable to Denial of Service DoS. This can be caused by a network peer sending ALTSVC or ORIGIN frames, due to a logical error after frame parsing but before frame handling. Details Denial of...
Integer Overflow or Wraparound
Overview apple/swift-nio-http2 is a HTTP/2 support for SwiftNIO. Affected versions of this package are vulnerable to Integer Overflow or Wraparound. This can result in a DoS, caused by a network peer sending a specially crafted HPACK-encoded header block. Remediation Upgrade apple/swift-nio-http2...