Lucene search
K

385 matches found

OpenVAS
OpenVAS
added 2024/11/28 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2024-5abfdba2b7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.1AI score0.01386EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/28 12:0 a.m.11 views

Fedora 40 : mingw-python-waitress (2024-5abfdba2b7)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5abfdba2b7 advisory. Backport fixes for CVE-2024-49768 and CVE-2024-49769. Tenable has extracted the preceding description block directly from the Fedora security...

9.1CVSS6.6AI score0.01386EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/26 11:24 a.m.10 views

waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...

9.1CVSS5.8AI score0.00496EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/11/26 11:24 a.m.8 views

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

7.5CVSS5.7AI score0.01386EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/26 9:40 a.m.62 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Nov 2024

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF004 Vulnerability Details CVEID:CVE-2024-38821 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security...

9.8CVSS9.1AI score0.66594EPSS
Exploits16Affected Software1
RedHat Linux
RedHat Linux
added 2024/11/20 4:28 a.m.5 views

waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...

9.1CVSS5.8AI score0.00496EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/11/20 4:28 a.m.3 views

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

7.5CVSS5.7AI score0.01386EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/11/20 12:57 a.m.5 views

waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...

9.1CVSS5.8AI score0.00496EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/11/20 12:57 a.m.5 views

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

7.5CVSS5.7AI score0.01386EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/11/20 12:57 a.m.20 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.23 packages and security update

Red Hat OpenShift Container Platform release 4.16.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

9.1CVSS6.7AI score0.01386EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/11/20 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-7115-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.3AI score0.01386EPSS
Exploits0References2
OSV
OSV
added 2024/11/19 5:19 p.m.11 views

USN-7115-1 Waitress vulnerabilities

It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker could use this issue to have the server process inconsistent client requests. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. CVE-2024-49768 Dylan Jay discovered th...

9.1CVSS5.8AI score0.01386EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2024/11/19 5:19 p.m.15 views

USN-7115-1: Waitress vulnerabilities

It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker could use this issue to have the server process inconsistent client requests. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. CVE-2024-49768 Dylan Jay discovered th...

9.1CVSS6.7AI score0.01386EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/11/19 8:51 a.m.6 views

waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...

9.1CVSS5.8AI score0.00496EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/11/19 8:51 a.m.4 views

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

7.5CVSS5.7AI score0.01386EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/11/19 12:0 a.m.17 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Waitress vulnerabilities (USN-7115-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7115-1 advisory. It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker...

9.1CVSS6.7AI score0.01386EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/11/18 12:0 a.m.9 views

Debian: Security Advisory (DLA-3955-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.01386EPSS
Exploits0References2
Debian
Debian
added 2024/11/16 9:59 p.m.11 views

[SECURITY] [DLA 3955-1] waitress security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3955-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 16, 2024 https://wiki.debian.org/LTS -...

7.5CVSS5.9AI score0.01386EPSS
Exploits0
OSV
OSV
added 2024/11/16 12:0 a.m.9 views

DLA-3955-1 waitress - security update

Bulletin has no description...

7.5CVSS8.3AI score0.01386EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/11/16 12:0 a.m.6 views

Debian dla-3955 : python-waitress-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3955 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3955-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS7.1AI score0.01386EPSS
Exploits0References4
Rows per page
Query Builder