Lucene search
+L

114 matches found

OpenVAS
OpenVAS
added 2022/11/17 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2022:4013-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.0069EPSS
Exploits1References2
OSV
OSV
added 2022/11/16 10:7 a.m.6 views

SUSE-SU-2022:4010-1 Security update for apache2-mod_wsgi

This update for apache2-modwsgi fixes the following issues: - CVE-2022-2255: Hardened the trusted proxy header filter to avoid bypass. bsc1201634...

7.5CVSS7.4AI score0.0069EPSS
Exploits1References3
CBLMariner
CBLMariner
added 2022/11/03 10:13 p.m.11 views

CVE-2022-2255 affecting package mod_wsgi for versions less than 4.9.3-2

CVE-2022-2255 affecting package modwsgi for versions less than 4.9.3-2. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.5AI score0.0069EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/09/17 12:0 a.m.15 views

Debian: Security Advisory (DLA-3111-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.0069EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/09/16 12:0 a.m.32 views

Debian dla-3111 : libapache2-mod-wsgi - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3111 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3111-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS7.1AI score0.0069EPSS
Exploits1References4
Debian
Debian
added 2022/09/15 9:43 p.m.48 views

[SECURITY] [DLA 3111-1] mod-wsgi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3111-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 15, 2022 https://wiki.debian.org/LTS -...

7.5CVSS7.4AI score0.0069EPSS
Exploits1
Circl
Circl
added 2022/08/25 10:24 p.m.3 views

CVE-2022-2255

creationtimestamp| type| source ---|---|--- 2022-08-25 22:24:07+00:00| seen| https://t.me/cibsecurity/48796 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/...

7.5CVSS7.2AI score0.0069EPSS
Exploits1References2
CVE
CVE
added 2022/08/25 5:26 p.m.341 views

CVE-2022-2255

CVE-2022-2255 affects mod_wsgi: a request from an untrusted proxy can carry the X-Client-IP header to the WSGI app because the removal condition is missing. Impact: potential header spoofing bypass. Affected versions are older mod_wsgi; multiple advisories indicate remediation via upgrading to no...

7.5CVSS7.1AI score0.0069EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/08/25 5:26 p.m.39 views

CVE-2022-2255

A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...

7.5CVSS7.4AI score0.0069EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/08/22 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2022-0289)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.0069EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/08/05 12:0 a.m.34 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : mod-wsgi vulnerability (USN-5551-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5551-1 advisory. It was discovered that mod-wsgi did not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote...

7.5CVSS7.3AI score0.0069EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/08/05 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-5551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.0069EPSS
Exploits1References2
OSV
OSV
added 2021/04/22 10:15 p.m.3 views

CVE-2021-2255

Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite component: Authoring. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Service Contracts...

8.1CVSS6.8AI score0.00931EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2021/04/22 9:53 p.m.14 views

CVE-2021-2255

Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite component: Authoring. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Service Contracts...

8.1CVSS6.8AI score0.00931EPSS
Exploits1References1
CVE
CVE
added 2021/04/22 9:53 p.m.67 views

CVE-2021-2255

CVE-2021-2255 is a vulnerability in Oracle E-Business Suite, specifically the Oracle Service Contracts Authoring component. Affected versions are 12.1.1–12.1.3; an unauthenticated, low-privileged attacker with network access via HTTP can compromise Oracle Service Contracts, leading to unauthorize...

8.1CVSS8.1AI score0.00931EPSS
Exploits1References1Affected Software1
RedHat Linux
RedHat Linux
added 2020/11/17 4:40 a.m.74 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.11.318 jenkins-2-plugins security update

An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.5CVSS6.1AI score0.02126EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/27 2:53 p.m.96 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update

An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.9CVSS6.7AI score0.0473EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2020/09/18 4:0 p.m.29 views

CVE-2020-2255

A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS4.5AI score0.00849EPSS
Exploits0References5
NVD
NVD
added 2020/09/16 2:15 p.m.31 views

CVE-2020-2255

A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS0.00849EPSS
Exploits0References2
CVE
CVE
added 2020/09/16 1:20 p.m.125 views

CVE-2020-2255

CVE-2020-2255: Jenkins Blue Ocean Plugin 1.23.2 and earlier has a missing permission check in HTTP endpoints used for connection tests. This allows attackers with Overall/Read permission to connect to an attacker-specified URL from the vulnerable instance. The issue is documented across multiple ...

4.3CVSS4.2AI score0.00849EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder