28 matches found
OpenFGA Authorization Bypass
Overview OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? You are affected by this authorization bypass vulnerability if you are using OpenFGA...
GHSA-32Q6-RR98-CJQV OpenFGA Authorization Bypass
Overview OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? You are affected by this authorization bypass vulnerability if you are using OpenFGA...
OhDear Integration - Moderately critical - Access bypass - SA-CONTRIB-2024-056
Integrates your Drupal website with the Oh Dear monitoring app. Cached data of monitoring results is accessible to non-logged in users when caching is enabled on the module. This vulnerability is mitigated by the fact that it only affects sites where caching is enabled for OhDear report healthche...
Nextcloud 安全漏洞
Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. A security vulnerability exists in Nextcloud serve, which stems from a sharing conflict that can occur in recipients when caching is enabled. Affected...
Shopware 授权问题漏洞
Shopware is a suite of open source e-commerce software from the German company Shopware. Shopware is vulnerable to an access control error that stems from not properly setting sensitive HTTP headers to non-cacheable, which could be exploited by an attacker to enable HTTP caching and then have...
httpd: NULL pointer dereference in mod_cache if Content-Type has empty value
A NULL pointer dereference flaw was found in the way the modcache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching enabled...
DEBIAN-CVE-2007-1863
cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...
Alert: Vulnerability in frox transparent ftp proxy.
There is a security hole in all the 0.6.x versions of the frox transparent ftp proxy up to and including version 0.6.6. Version 0.6.7 fixes this vulnerability, and upgrading to this is advised. Development snapshots are also affected up to and including frox-20011031.tar.gz. The vulnerability is...