WebSocket - CVE CyberSecurity Database News (Page 5)

Sep 23, 2022 WebSocket Apache

CVE-2022-33682

The Apache Pulsar Broker, Proxy, and WebSocket Proxy clients communicate with each other over a secured connection using the pulsar+ssl protocol. The SSL/TLS

Sep 12, 2022 WebSocket

CVE-2022-37797 In lighttpd 1.4.65, mod_wstunnel doesn't initialize a handler function pointer if an invalid HTTP request is received. This leads to a crash.

mod_wstunnel 1.0.9 and later is not affected by this issue. * mod_wstunnel 1.0.9 and later is not affected by this

Jul 28, 2022 WebSocket Google Chrome

CVE-2022-2165 URLs in Google Chrome prior to 103.0.5060.53 were not validated properly and were vulnerable to domain spoofing.

Chrome prior to 103.0.5060.54, Firefox prior to 52.0, and Opera prior to 55.0 did not prevent access to domains with

May 12, 2022 WebSocket

CVE-2022-22971 Spring versions before 5.3.20 and 5.2.22 were vulnerable to a DoS attack with STOMP over WebSocket.

In such a scenario, the user connects to the authenticated server and sends a message to the STOMP over WebSocket endpoint (such as “hello” or

Mar 18, 2022 Exploit WebSocket

CVE-2022-24595 - Incorrect Access Control in Automotive Grade Linux Kooky Koi 11.x Versions

A critical vulnerability has been discovered in the Automotive Grade Linux (AGL) Kooky Koi 11.., 11..1, 11..2, 11..3, 11..4, and 11.