An issue has been found in sniproxy, a transparent TLS and HTTP layer 4 proxy with SNI support. Due to bad handling of wildcard backend hosts, a crafted HTTP or TLS packet might lead to remote arbitrary code execution.
An arbitrary file reads from malformed XML payload vulnerbility was discovered in owslib, the Python client library for Open Geospatial web services. This issue has been addressed by always using lxml as the XML parser with entity resolution disabled.
Several vulnerabilities were discovered in python-werkzeug, a collection of utilities for WSGI applications. CVE-2023-23934 It was discovered that Werkzeug did not properly handle the parsing of nameless cookies which may allow shadowing of other cookies. CVE-2023-25577 It was discovered that Werkzeug could parse unlimited number of parts, including file parts, which may result in denial of servic ...
Two vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which may result in denial of service, or bypass of access controls and routing rules via specially crafted requests.
Two vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which may result in denial of service, or bypass of access controls and routing rules via specially crafted requests.
Kostya Kortchinsky discovered a stack-based buffer overflow vulnerability in the VPNv4 NLRI parser in bgpd in quagga, a BGP/OSPF/RIP routing daemon. A remote attacker can exploit this flaw to cause a denial of service , or potentially, execution of arbitrary code, if bgpd is configured with BGP peers enabled for VPNv4.
Hanno Boeck discovered a heap-based buffer overflow flaw in the way Libtasn1, a library to manage ASN.1 structures, decoded certain DER-encoded input. A specially crafted DER-encoded input could cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code.