5 matches found
Denial Of Service (DoS)
github.com/versity/versitygw is vulnerable to Denial Of Service DoS. The vulnerability is due to sending AWS chunk data without a Content-Length HTTP header, which causes the server to panic and crash, allowing an attacker to repeatedly trigger service disruption...
GO-2025-3925 Versity panic induced by AWS chunked data sent to port in github.com/versity/versitygw
Versity panic induced by AWS chunked data sent to port in github.com/versity/versitygw...
PT-2025-36649
Versity panic induced by AWS chunked data sent to port in github.com/versity/versitygw...
GHSA-V2CH-C8V8-FGR7 Versity panic induced by AWS chunked data sent to port
Sending AWS chunk data with no Content-Length HTTP header causes the panic, every time. Reproduction Setup versity server running on port 7071, no SSL for ease of packet tracing with tshark. Problem can be reproduced with or without SSL on the versity end. Use nginx to reverse proxy on port 7070...
Versity panic induced by AWS chunked data sent to port
Sending AWS chunk data with no Content-Length HTTP header causes the panic, every time. Reproduction Setup versity server running on port 7071, no SSL for ease of packet tracing with tshark. Problem can be reproduced with or without SSL on the versity end. Use nginx to reverse proxy on port 7070...