what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2023-29406

Status Candidate

Overview

The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.

Related Files

Ubuntu Security Notice USN-7109-1
Posted Nov 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7109-1 - Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. Ameya Darshan and Jakob Ackermann discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-24531, CVE-2023-24536, CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29406, CVE-2023-39323, CVE-2023-39325, CVE-2023-45288, CVE-2023-45290
SHA-256 | 58c0bd17f1c8113660d80deb0928ae6b2fe30fb7373a788126eaeb55879ba80a
Ubuntu Security Notice USN-7061-1
Posted Oct 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7061-1 - Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template.

tags | advisory, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2023-24531, CVE-2023-24538, CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29406, CVE-2023-39319, CVE-2023-39325, CVE-2024-24785
SHA-256 | 366aa6bc269ca28c4b992ad13527bd77d7968a9ad5dcd84915ed51954acbe4c1
Red Hat Security Advisory 2024-0293-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0293-03 - Red Hat OpenShift Container Platform release 4.14.10 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | b9617c742c1952bb71f5efa61a3ecba1f86618087a9fd9f38b7a9b98f45a79f9
Red Hat Security Advisory 2023-6840-01
Posted Nov 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6840-01 - Red Hat OpenShift Container Platform release 4.14.2 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | bab963d08d50d7234bde1a0c538a78cf7a35ababf4e63c84012455a8f051c094
Red Hat Security Advisory 2023-7202-01
Posted Nov 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7202-01 - An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | 020672fc866d5a76ec27c8ab4c0f85396c273f276c45ccd0bb27d9c8a2ca2b2f
Red Hat Security Advisory 2023-6298-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6298-01 - Red Hat OpenShift Serverless 1.30.2 is now available. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | b4507f5ccd33796cbaf7a9b1f53dd6bb56374bf51a977d80d0f9dc8e5a10b82d
Red Hat Security Advisory 2023-6296-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6296-01 - Red Hat OpenShift Serverless version 1.30.2 is now available. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | b2dfab88a4ebf76616241f381d86ed379f3b258cf2f4d1d1414d028b866a5395
Red Hat Security Advisory 2023-6161-01
Posted Oct 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6161-01 - The Migration Toolkit for Containers 1.7.14 is now available. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | 03585b8e48b66d9c2192b3617a3ea539aa0efac6f83d44cbe1bc778c5783cff6
Red Hat Security Advisory 2023-6115-01
Posted Oct 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6115-01 - An update is now available for OADP-1.1-RHEL-8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | 379b4052705eac35f9923377df0b7fedc69338799bcecb31dd49ed206a4820e7
Red Hat Security Advisory 2023-5933-01
Posted Oct 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5933-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.3. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | 7586b941b31ded9f50c06d9886ab07e4cbf940b1cff93ae6b857ffc5a119540b
Red Hat Security Advisory 2023-6085-01
Posted Oct 25, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6085-01 - An update is now available for Red Hat Openshift distributed tracing 2.9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | 977513af9750805d61ffa0f635fa04f5ddf7e51118fc70adf0702f7bb3935f05
Red Hat Security Advisory 2023-5974-01
Posted Oct 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5974-01 - An update for network-observability-console-plugin-container, network-observability-ebpf-agent-container, network-observability-flowlogs-pipeline-container, network-observability-operator-bundle-container, and network-observability-operator-container is now available for NETWORK-OBSERVABILITY-1.4.0-RHEL-9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | 941682e2c8424c3f97c8e09d452e71a1fd56320013f38a7bb6dfcdcbdbd8348f
Red Hat Security Advisory 2023-5965-01
Posted Oct 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5965-01 - An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.2.5. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | 8365f1094567035e0c96ba9d8134d4f8ba4db3eac3914acf114f0a6f56d5d65f
Red Hat Security Advisory 2023-5530-01
Posted Oct 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5530-01 - Logging Subsystem 5.7.7 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | e6e7148e0c7e4ce6069bad6b2bb2773ea77ae066bb0409057603d8da8ff98c9c
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close