SummaryDenial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption. Prod...
SummaryApplications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address, resulting in abnormal termination of the applicat...
Summary OpenSSH sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystr...
SamPirok
on:
Security Advisory: SA-2022-004 – Spring Framework
