Количество 10
Количество 10
GHSA-3f84-rpwh-47g6
Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion
CVE-2024-49769
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition.
CVE-2024-49769
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition.
CVE-2024-49769
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition.
CVE-2024-49769
CVE-2024-49769
Waitress is a Web Server Gateway Interface server for Python 2 and 3. ...
SUSE-SU-2024:4107-1
Security update for python-waitress
BDU:2024-10887
Уязвимость функции getpeername() WSGI сервера для python Waitress, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2024:3876-1
Security update for python-waitress
ROS-20250922-10
Уязвимость python3-waitress
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-3f84-rpwh-47g6 Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49769 Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49769 Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-49769 Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVSS3: 7.5 | 1% Низкий | 10 месяцев назад | |
| CVE-2024-49769 Waitress is a Web Server Gateway Interface server for Python 2 and 3. ... | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | SUSE-SU-2024:4107-1 Security update for python-waitress | 1% Низкий | около 1 года назад | |
 | BDU:2024-10887 Уязвимость функции getpeername() WSGI сервера для python Waitress, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| SUSE-SU-2024:3876-1 Security update for python-waitress | около 1 года назад | ||
 | ROS-20250922-10 Уязвимость python3-waitress | CVSS3: 7.5 | 1% Низкий | 4 месяца назад |
Уязвимостей на страницу