34 matches found
EUVD-2022-1683
Malicious code in bioql PyPI...
EUVD-2023-1836
Malicious code in bioql PyPI...
TencentOS Server 3: .NET 8.0 (TSSA-2024:0092)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0092 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
.NET 8.0 security update
An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
.NET 7.0 security update
An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
dotnet: DoS in .NET Core / YARP HTTP / 2 WebSocket support
A vulnerability was found in dotnet. The YARP HTTP/2 WebSocket support in .NET Core can cause a denial of service DoS...
dotnet: DoS in .NET Core / YARP HTTP / 2 WebSocket support
A vulnerability was found in dotnet. The YARP HTTP/2 WebSocket support in .NET Core can cause a denial of service DoS...
Moderate: Red Hat Security Advisory: .NET 7.0 security update
An update for .NET 7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
dotnet: DoS in .NET Core / YARP HTTP / 2 WebSocket support
A vulnerability was found in dotnet. The YARP HTTP/2 WebSocket support in .NET Core can cause a denial of service DoS...
CVE-2024-21392
A vulnerability was found in dotnet. The YARP HTTP/2 WebSocket support in .NET Core can cause a denial of service DoS. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and...
Moderate: .NET 7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.117 and .NET Runtime 7.0.17...
Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP
Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP. Hello everyone! This episode will be about Microsoft Patch Tuesday for June 2023, including vulnerabilities that were added between May and June Patch Tuesdays. Alternative...
YARP Denial of Service Vulnerability
Impact A denial of service vulnerability exists in YARP. Patches If you're using YARP 1.x, you should update to NuGet package version 1.1.2. If you're using YARP 2.0.0, you should update to NuGet package version 2.0.1. You can do so by updating the PackageReference in your .csproj file diff - - +...
GHSA-JRJW-QGR2-WFCG YARP Denial of Service Vulnerability
Impact A denial of service vulnerability exists in YARP. Patches If you're using YARP 1.x, you should update to NuGet package version 1.1.2. If you're using YARP 2.0.0, you should update to NuGet package version 2.0.1. You can do so by updating the PackageReference in your .csproj file diff - - +...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. A malicious client can cause an error against the destination's size limit, which would incorrectly be attributed to the destination rather than the client. This could allow an attacker to send large amounts of da...
CVE-2023-33141
Yet Another Reverse Proxy YARP Denial of Service Vulnerability...
Denial of service
Yet Another Reverse Proxy YARP Denial of Service Vulnerability...
CVE-2023-33141
Summary: CVE-2023-33141 is a Denial of Service vulnerability in Yet Another Reverse Proxy (YARP). The OSV entry confirms a DoS impact exists in YARP and provides remediation: upgrade to Yarp.ReverseProxy 2.0.1 (and Telemetry.Consumption 2.0.1) to mitigate. The CVE entry lists CVSSv3.1 base score ...
CVE-2023-33141 Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability
...
CVE-2023-33141 Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability
...