CVE-2023-43641 traefik - Resource exhaustion by malicious HTTP/2 client traefik 2.10.5 There is a vulnerability to out-of-bounds array access. Race condition that can be used by another process toīypass desired Unix socket permissions on startup.ĬVE-2023-45145 libcue - out-of-bounds array access libcue 2.3.0 The wrong order of listen(2) and chmod(2) calls creates a HTTP/2 denial of service vulnerability in bundled Jetty CVE-2023-36478 CVE-2023-44487 Roundcube - XSS vulnerability in SVG roundcube 1.6.4,1Ĭross-site scripting (XSS) vulnerability in handling of SVG in HTML messages redis - Possible bypassing Unix socket permissions redis 7.2.2 redis-devel 7.1018 redis70 7.0.14 redis62 6.2.14 CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with.CVE-2023-45802: Apache HTTP Server: HTTP/2 stream. Security: backported fix for CVE-2023-5218.ĬVE-2023-5218 Apache httpd - Multiple vulnerabilities apache24 2.4.58.This update fixes the following vulnerability: CVE-2023-41259 SECURITY: RT is vulnerable to unvalidated email headers in incoming email and the mail-gateway REST interface.ĬVE-2023-41260 SECURITY: RT is vulnerable to information leakage via response messages returned from requests sent via the mail-gateway REST interface.ĬVE-2023-45024 SECURITY: RT 5.0 is vulnerable to information leakage via transaction searches made by authenticated users in the transaction query builder.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |