You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Denial of Service (DoS)
Vulnerable module: scapy
Introduced through: scapy@2.4.0
Detailed paths
Introduced through: github/glb-director@github/glb-director#5e1edd0a0fe057320fc30f6ad850c9878c607882 › scapy@2.4.0
Remediation: Upgrade to scapy@2.4.1.
Overview
scapy is a Python-based interactive packet manipulation program and library.
Affected versions of this package are vulnerable to Denial of Service (DoS) due to a lack of input validation when reading the length field in the RADIUS packet’s Attribute Value Pairs (AVP). When Scapy parses a UDP Radius packet that has an AVP with a length byte equal to zero, the getfield function doesn’t shorten the remain value in the while loop.
The text was updated successfully, but these errors were encountered:
Denial of Service (DoS)
Vulnerable module: scapy
Introduced through: scapy@2.4.0
Detailed paths
Introduced through: github/glb-director@github/glb-director#5e1edd0a0fe057320fc30f6ad850c9878c607882 › scapy@2.4.0
Remediation: Upgrade to scapy@2.4.1.
Overview
scapy is a Python-based interactive packet manipulation program and library.
Affected versions of this package are vulnerable to Denial of Service (DoS) due to a lack of input validation when reading the length field in the RADIUS packet’s Attribute Value Pairs (AVP). When Scapy parses a UDP Radius packet that has an AVP with a length byte equal to zero, the getfield function doesn’t shorten the remain value in the while loop.
The text was updated successfully, but these errors were encountered: