CVE-2024-49768 | Pylons Waitress up to 3.0.0 on Python HTTP Pipelining recv_bytes toctou

Posted by Angelo Barbosa | Oct 29, 2024 | CVE

A vulnerability classified as problematic has been found in Pylons Waitress up to 3.0.0 on Python. Affected is the function recv_bytes of the component HTTP Pipelining Handler. The manipulation leads to time-of-check time-of-use.

This vulnerability is traded as CVE-2024-49768. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49768 | Pylons Waitress up to 3.0.0 on Python HTTP Pipelining recv_bytes toctou

Related Posts

CVE-2023-32454 | Dell DUP Framework up to 4.9.4.36 on Windows Mount unknown vulnerability (dsa-2023-192)

CVE-2023-6887 | saysky ForestBlog up to 20220630 Image Upload /admin/upload/img filename unrestricted upload

CVE-2022-48667 | Linux Kernel up to 5.19.11/6.0 smb3 memory corruption (0cdde8460c30/9c8b7a293f50)

CVE-2024-27966 | ExpressTech Quiz and Survey Master Plugin up to 8.2.2 on WordPress cross site scripting