CVE-2024-49768 | Pylons Waitress up to 3.0.0 on Python HTTP Pipelining recv_bytes toctou

Posted by Angelo Barbosa | Oct 29, 2024 | CVE

A vulnerability classified as problematic has been found in Pylons Waitress up to 3.0.0 on Python. Affected is the function recv_bytes of the component HTTP Pipelining Handler. The manipulation leads to time-of-check time-of-use.

This vulnerability is traded as CVE-2024-49768. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49768 | Pylons Waitress up to 3.0.0 on Python HTTP Pipelining recv_bytes toctou

Related Posts

CVE-2024-25391 | RT-Thread up to 5.0.2 libc/posix/ipc/mqueue.c stack-based overflow (Issue 8287)

CVE-2024-20361 | Cisco FirePOWER Management Center Access Control List access control (cisco-sa-fmc-object-bypass-fTH8tDjq)

CVE-2024-44553 | Tenda AX1806 1.0.0.1 formGetIptv iptv.stb.mode stack-based overflow

CVE-2024-7920 | Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 GetParkInThroughDeivces access control