Page 56 of 3085 results (0.032 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-24580 – python-django: Potential denial-of-service vulnerability in file uploads

https://notcve.org/view.php?id=CVE-2023-24580

An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. A memory exhaustion flaw was found in the python-django package. This issue occurs when passing certain inputs, leading to a system crash and denial of service. • http://www.openwall.com/lists/oss-security/2023/02/14/1 https://docs.djangoproject.com/en/4.1/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.debian.org/debian-lts-announce/2023/02/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK https://lists.fedoraproject • CWE-400: Uncontrolled Resource Consumption •

CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 1

CVE-2023-25725 – haproxy: request smuggling attack in HTTP/1 header parsing

https://notcve.org/view.php?id=CVE-2023-25725

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31. A flaw was found in HAProxy's headers processing that causes HAProxy to drop important headers fields such as Connection, Content-length, Transfer-Encoding, and Host after having partially processed them. • https://github.com/sgwgsw/LAB-CVE-2023-25725 https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112 https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG https://www.debian.org/security/2023/dsa-5348 https://www.hapro • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 7.4EPSS: 0%CPEs: 10EXPL: 1

CVE-2023-0361 – gnutls: timing side-channel in the TLS RSA key exchange code

https://notcve.org/view.php?id=CVE-2023-0361

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. • https://access.redhat.com/security/cve/CVE-2023-0361 https://github.com/tlsfuzzer/tlsfuzzer/pull/679 https://gitlab.com/gnutls/gnutls/-/issues/1050 https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ https://lists.fedoraproject.org/archives/list/package& • CWE-203: Observable Discrepancy •

CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0

CVE-2023-23969 – python-django: Potential denial-of-service via Accept-Language headers

https://notcve.org/view.php?id=CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. A flaw was found in python-django. The parsed values of the Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial of service vector via excessive memory usage if large header values are sent. • https://docs.djangoproject.com/en/4.1/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.debian.org/debian-lts-announce/2023/02/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI https://security.netapp.com/advisory/ntap-20230302-0007 https://www.djangoproject.com/weblog& • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2020-36659

https://notcve.org/view.php?id=CVE-2020-36659

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix. En Apache::Session::Browseable anterior a 1.3.6, la validez del certificado X.509 no se verifica de forma predeterminada cuando se conecta a backends LDAP remotos, porque se usa la configuración predeterminada del módulo Net::LDAPS para Perl. NOTA: esto se puede solucionar, por ejemplo, junto con la corrección CVE-2020-16093. • https://github.com/LemonLDAPNG/Apache-Session-Browseable/commit/fdf393235140b293cae5578ef136055a78f3574f https://lists.debian.org/debian-lts-announce/2023/01/msg00025.html • CWE-295: Improper Certificate Validation •