Security
Headlines

Headlines Latest CVEs

Headline

GHSA-9mcr-873m-xcxp: Tungstenite allows remote attackers to cause a denial of service

The Tungstenite crate through 0.20.0 for Rust allows remote attackers to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted (e.g., thousands of times) and the average amount of data for each parse attempt (e.g., millions of bytes).

12 months ago

Tungstenite allows remote attackers to cause a denial of service

Moderate severity GitHub Reviewed Published Sep 21, 2023 to the GitHub Advisory Database • Updated Sep 21, 2023

Related news

CVE-2023-43669: denial of service with long HTTP request header · Issue #376 · snapview/tungstenite-rs

The Tungstenite crate through 0.20.0 for Rust allows remote attackers to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted (e.g., thousands of times) and the average amount of data for each parse attempt (e.g., millions of bytes).

12 months ago

#vulnerability #web #mac #ubuntu #linux #dos

ghsa: Latest News

GHSA-26jh-r8g2-6fpr: Gradio's dropdown component pre-process step does not limit the values to those in the dropdown list

4 hours ago

GHSA-gvv6-33j7-884g: Gradio has an XSS on every Gradio server via upload of HTML files, JS files, or SVG files

4 hours ago

GHSA-279j-x4gx-hfrh: Gradio uses insecure communication between the FRP client and server

4 hours ago

GHSA-xh2x-3mrm-fwqm: Gradio has a race condition in update_root_in_config may redirect user traffic

4 hours ago

GHSA-j757-pf57-f8r4: Gradio performs a non-constant-time comparison when comparing hashes

4 hours ago