Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

Red Hat Security Advisory 2024-4450-03

Red Hat Security Advisory 2024-4450-03 - An update for dotnet8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

Packet Storm
#vulnerability#linux#red_hat#dos#js#asp.net
Red Hat Security Advisory 2024-4439-03

Red Hat Security Advisory 2024-4439-03 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-4438-03

Red Hat Security Advisory 2024-4438-03 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-4421-03

Red Hat Security Advisory 2024-4421-03 - An update for the python39:3.9 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

GHSA-fq54-2j52-jc42: Next.js Denial of Service (DoS) condition

### Impact A Denial of Service (DoS) condition was identified in Next.js. Exploitation of the bug can trigger a crash, affecting the availability of the server. **This vulnerability can affect all Next.js deployments on the affected versions.** ### Patches This vulnerability was resolved in Next.js 13.5 and later. We recommend that users upgrade to a safe version. ### Workarounds There are no official workarounds for this vulnerability. #### Credit We'd like to thank Thai Vu of [flyseccorp.com](http://flyseccorp.com/) for responsible disclosure of this vulnerability.

GHSA-f6f8-9mx6-9mx2: Django vulnerable to Denial of Service

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. `get_supported_language_variant()` was subject to a potential denial-of-service attack when used with very long strings containing specific characters.

GHSA-qg2p-9jwr-mmqf: Django vulnerable to Denial of Service

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.

GHSA-vjpv-x8p9-7p85: images vulnerable to Denial of Service

All versions of the package images are vulnerable to Denial of Service (DoS) due to providing unexpected input types to several different functions. This makes it possible to reach an assert macro, leading to a process crash. **Note:** By providing some specific integer values (like 0) to the size function, it is possible to obtain a Segmentation fault error, leading to the process crash.

GHSA-w5fc-gj3h-26rx: speaker vulnerable to Denial of Service

All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash.

GHSA-43wq-xrcm-3vgr: @discordjs/opus vulnerable to Denial of Service

All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash.