5 matches found
GHSA-QW99-GRCX-4PVM OpenClaw's Chrome extension relay binds publicly due to wildcard treated as loopback
Summary: The Chrome extension relay ensureChromeExtensionRelayServer previously treated wildcard hosts 0.0.0.0 / :: as loopback, which could make it bind the relay HTTP/WS server to all interfaces when a wildcard cdpUrl was passed. Impact: If configured with a wildcard cdpUrl, relay HTTP endpoints...
DEBIAN-CVE-2023-25076
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch commit: 822bb80df9b7b345cc9eba55df74a07b498819ba. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to...
CVE-2023-25076
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch commit: 822bb80df9b7b345cc9eba55df74a07b498819ba. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to...
CVE-2023-25076
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch commit: 822bb80df9b7b345cc9eba55df74a07b498819ba. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to...
Exclude top-level domain wildcard hosts
This host has an IP address known to be a wildcard record for a top-level domain (TLD) or for a host within the 'nessus.org' domain. It has been blacklisted and will not be scanned. (C) Tenable Network Security, Inc. Known top level domain wildcards, from http://www.imperialviolet.org/dnsfix.html .C...