CVE-2024-6284 : GOOGLE NFTABLES UP TO 0.1.0 ADDSET INPUT VALIDATION

Description

In https://github.com/google/nftables, IP addresses were encoded in the wrong byte order, resulting in an nftables configuration that does not work as intended (it might block or fail to block the desired addresses). This issue affects https://pkg.go.dev/github.com/google/nftables@v0.1.0. The bug was fixed in the next released version: https://pkg.go.dev/github.com/google/nftables@v0.2.0
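
The following check is an added example, not code from the advisory or from the nftables project. It compares the IPv4 keys installed in a set against the intended addresses and flags byte-reversed entries. It assumes that "wrong byte order" means the four address bytes are reversed; `Finding`, `reverse4` and `AuditKeys` are hypothetical names, and the sample keys are constructed.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Finding records one intended address whose installed set key is wrong.
type Finding struct {
	Intended netip.Addr
	Matches  netip.Addr // address the installed key actually matches
	Reversed bool       // true if the key is the intended address byte-reversed
}

// reverse4 returns the four bytes of an IPv4 key in the opposite order.
func reverse4(b [4]byte) [4]byte { return [4]byte{b[3], b[2], b[1], b[0]} }

// AuditKeys compares installed IPv4 set keys (hypothetical input, for example
// keys read back from the ruleset) with the intended addresses, index by index.
// nftables matches ipv4_addr keys in network byte order, which is the order
// netip.Addr.As4 returns. Non-IPv4 entries are skipped.
func AuditKeys(intended []netip.Addr, installed [][4]byte) []Finding {
	var out []Finding
	for i, want := range intended {
		if !want.Is4() || i >= len(installed) {
			continue
		}
		good, got := want.As4(), installed[i]
		if good == got {
			continue // correct key, or a palindromic address such as 1.1.1.1
		}
		out = append(out, Finding{
			Intended: want,
			Matches:  netip.AddrFrom4(got),
			Reversed: reverse4(good) == got,
		})
	}
	return out
}

func main() {
	// Constructed sample: a two-entry blocklist and keys with reversed bytes.
	a, b := netip.MustParseAddr("192.0.2.10"), netip.MustParseAddr("1.1.1.1")
	installed := [][4]byte{reverse4(a.As4()), reverse4(b.As4())}
	for _, f := range AuditKeys([]netip.Addr{a, b}, installed) {
		fmt.Printf("%s installed as %s (reversed=%v)\n", f.Intended, f.Matches, f.Reversed)
	}
}
```

Addresses whose bytes read the same in both directions are unaffected by a reversal, so a spot check with such an address does not prove the set is correct.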

References

https://github.com/google/nftables/issues/225

https://github.com/crowdsecurity/cs-firewall-bouncer/issues/368

https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596
