There are no known workarounds for this vulnerability.

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. This vulnerability has been addressed in release 3.8.0 of aiohttp. The impact of this vulnerability is that it is possible to bypass any proxy rule and poison sockets to other users, for example by passing Authentication Headers; if an Open Redirect is also present, an attacker could combine the two to redirect random users to another website and log the request. As aiohttp parses anything with chunked, we can pass a chunked123 as TE; the frontend entity will ignore this header and will parse Content-Length. A possible Proof-of-Concept (POC) would be a configuration with a reverse proxy (frontend) that accepts both CL and TE headers and aiohttp as backend. HTTP/1.1 is a persistent protocol: if both Content-Length (CL) and Transfer-Encoding (TE) header values are present, it can lead to incorrect interpretation by the two entities that parse the HTTP, and we can poison other sockets with this incorrect interpretation. Affected versions of aiohttp have a security vulnerability regarding the inconsistent interpretation of the HTTP protocol. GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c.

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. This could lead to an out-of-bounds read. Santesoft Sante FFT Imaging lacks proper validation of user-supplied data when parsing DICOM files. This could allow an attacker to execute code in the context of the current process. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.

Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file.
In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL, which could lead to a double free. A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.