CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49768 – Waitress has request processing race condition in HTTP pipelining with invalid first request
https://notcve.org/view.php?id=CVE-2024-49768
29 Oct 2024 — Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recv_bytes (defaults to 8192) long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled (default) we won't read any more requests, and when the first request fails due to a parsing error, we simply close the connection. However when request lookahead is enabled, it is possible to process and receive the first request, start sending the error message b... • https://github.com/Pylons/waitress/commit/e4359018537af376cf24bd13616d861e2fb76f65 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49769 – Waitress has a denial of service leading to high CPU usage/resource exhaustion
https://notcve.org/view.php?id=CVE-2024-49769
29 Oct 2024 — Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resou... • https://github.com/Pylons/waitress/commit/1ae4e894c9f76543bee06584001583fc6fa8c95c • CWE-772: Missing Release of Resource after Effective Lifetime •