3 matches found
CVE-2021-33580
User controlled request.getHeader"Referer", request.getRequestURL and request.getQueryString are used to build and run a regex expression. The attacker doesn't have to use a browser and may send a specially crafted Referer header programmatically. Since the attacker controls the string and the...
PT-2022-35099 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.16 through v6.0.2 Description: A potential memory leak issue exists in the bnx2x tpa stop function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions v3.16...
CVE-2021-33580 regex injection leading to DoS
User controlled request.getHeader"Referer", request.getRequestURL and request.getQueryString are used to build and run a regex expression. The attacker doesn't have to use a browser and may send a specially crafted Referer header programmatically. Since the attacker controls the string and the...