Summary
SwiftNIO NIOHTTP1: HTTPDecoder accepts unbounded HTTP/1 header blocks, enabling remote DoS
References
Related vulnerabilities
All Supply chain →- HIGHGHSA-5W86-C3RQ-VJJ7
Netty: Unbounded pre-allocation in RedisArrayAggregator from RESP array length
- CRITICALGHSA-X223-P2GF-V735
Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak
- HIGHGHSA-72GW-MP4G-V24J
Multer vulnerable to Denial of Service via deeply nested field names
- MEDIUMGHSA-J543-4VMF-QM7V
pypdf: Possible large memory usage for form XObjects during text extraction
- MEDIUMGHSA-WJQC-6W8F-H24C
pypdf: Manipulated XMP metadata streams can exhaust RAM
- MEDIUMGHSA-563Q-J3CM-6JXM
Netty susceptible to HTTP/2 Reset Attack with different on-the-wire signature