URL Parsing-Library Bugs Allow DoS, RCE, Spoofing & More

by TimeChangeEverything - 11 January, 2022 - 03:56 AM

This post is by a banned member (TimeChangeEverything) - Unhide

TimeChangeEverything

41.907
Posts

14.549
Threads

6 Years of service

OP 11 January, 2022 - 03:56 AM

Quote:Eight different security vulnerabilities arising from inconsistencies among 16 different URL parsing libraries could allow denial-of-service (DoS) conditions, information leaks and remote code execution (RCE) in web applications. The bugs were found in third-party web packages written for various languages. Those afflicted are Flask (a micro web framework written in Python), Video.js (an HTML5 video player), Belledonne (free VoIP and IP video phone), Nagios XI (network and server monitoring) and Clearance (password authentication for Ruby)

Source: https://threatpost.com/url-parsing-bugs-...ng/177493/

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account Sign up for a new account in our community. It's easy! Register a new account	or	Sign in Already have an account? Sign in here. Sign in now

Forum Jump:

Users browsing this thread: 1 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me

URL Parsing-Library Bugs Allow DoS, RCE, Spoofing & More

About Cracked.sh

Navigation

Extras

Help

Account