exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2021-21419

почти 5 лет назад

Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-21419

почти 5 лет назад

Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-21419

почти 5 лет назад

Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-21419

почти 5 лет назад

Eventlet is a concurrent networking library for Python. A websocket pe ...

CVSS3: 5.3

EPSS: Низкий

GHSA-9p9m-jm8w-94p2

почти 5 лет назад

Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet

CVSS3: 5.3

EPSS: Низкий

BDU:2021-04421

больше 4 лет назад

Уязвимость сетевой библиотеки Eventlet программного обеспечения Python, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю выполнить отказ в обслуживании

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-21419 Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.	CVSS3: 5.3	0% Низкий	почти 5 лет назад
CVE-2021-21419 Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.	CVSS3: 5.3	0% Низкий	почти 5 лет назад
CVE-2021-21419 Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.	CVSS3: 5.3	0% Низкий	почти 5 лет назад
CVE-2021-21419 Eventlet is a concurrent networking library for Python. A websocket pe ...	CVSS3: 5.3	0% Низкий	почти 5 лет назад
GHSA-9p9m-jm8w-94p2 Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet	CVSS3: 5.3	0% Низкий	почти 5 лет назад
BDU:2021-04421 Уязвимость сетевой библиотеки Eventlet программного обеспечения Python, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю выполнить отказ в обслуживании	CVSS3: 5.3	0% Низкий	больше 4 лет назад

Уязвимостей на страницу