Lucene search
K

337 matches found

Github Security Blog
Github Security Blog
added 2024/11/25 7:39 p.m.31 views

Keycloak proxy header handling Denial-of-Service (DoS) vulnerability

Keycloak versions 26 and earlier are vulnerable to a denial-of-service DoS attack through improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without proper validation. This can lead to cost...

4.7CVSS6.7AI score0.00399EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2024/11/25 9:30 a.m.15 views

Duplicate Advisory: Keycloak proxy header handling Denial-of-Service (DoS) vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jgwc-jh89-rpgq. This link is maintained to preserve external references. Original Description A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service DoS attack...

4.7CVSS6.9AI score0.00399EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2024/11/25 7:29 a.m.54 views

CVE-2024-9666 Org.keycloak/keycloak-quarkus-server: keycloak proxy header handling denial-of-service (dos) vulnerability

A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service DoS attack due to improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without prope...

4.7CVSS0.00399EPSS
Exploits0References6
CVE
CVE
added 2024/11/25 7:29 a.m.303 views

CVE-2024-9666

CVE-2024-9666 – Keycloak DoS via proxy-header handling . The Keycloak Server is vulnerable to a denial-of-service when configured to accept proxy headers and behind a reverse proxy that does not overwrite incoming headers. Non-IP values (e.g., obfuscated identifiers) may be accepted without prope...

4.7CVSS5.5AI score0.00399EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/11/21 4:52 p.m.11 views

CVE-2024-9666

A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service DoS attack due to improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without prope...

4.7CVSS6.5AI score0.00399EPSS
Exploits0References3
Amazon
Amazon
added 2024/10/14 12:0 a.m.5 views

Medium: python-dns

Issue Overview: eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred...

7CVSS9.2AI score0.01857EPSS
Exploits1
Amazon
Amazon
added 2024/10/02 12:0 a.m.24 views

Medium: python-dns

Issue Overview: eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred...

7CVSS6.8AI score0.01857EPSS
Exploits1
Veracode
Veracode
added 2024/08/27 1:48 p.m.19 views

Race Condition

k8s.io/kubernetes is vulnerable to Race Condition. The vulnerability is caused due to Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this...

3.5CVSS7AI score0.01082EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2024/08/20 12:0 a.m.16 views

openSUSE Security Advisory (SUSE-SU-2024:2655-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.2AI score0.01857EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/07/31 12:0 a.m.3 views

SUSE: Security Advisory (SUSE-SU-2024:2655-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.2AI score0.01857EPSS
Exploits1References4
CVE
CVE
added 2024/07/08 3:32 p.m.94 views

CVE-2024-39699

Directus has a Blind SSRF via redirects in file import. The vulnerability arises because redirects are allowed during URL-based imports and the response URL isn’t validated, enabling requests to internal IPs (e.g., 127.0.0.1) despite earlier fixes that only validated DNS/internal IPs. The issue i...

5CVSS5.3AI score0.00435EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2024/07/08 3:25 p.m.22 views

Directus Blind SSRF On File Import

Summary There was already a reported SSRF vulnerability via file import. https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537h It was fixed by resolving all DNS names and checking if the requested IP is an internal IP address. However it is possible to bypass this security...

5CVSS5.5AI score0.00435EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploit
added 2024/07/02 4:9 a.m.1142 views

Exploit for Race Condition in Openbsd Openssh

SSH Vulnerability Scanner The SSH Vulnerability Scanner is a...

8.1CVSS8.2AI score0.99506EPSS
Exploits68
RedhatCVE
RedhatCVE
added 2024/06/03 9:3 a.m.25 views

CVE-2024-36031

In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...

4.4CVSS6.4AI score0.00747EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/05/30 4:15 p.m.34 views

CVE-2024-36031

In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...

9.8CVSS6.4AI score0.00747EPSS
Exploits0References23
Cvelist
Cvelist
added 2024/05/30 3:23 p.m.38 views

CVE-2024-36031 keys: Fix overwrite of key expiration on instantiation

In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...

7.3AI score0.00747EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/05/30 3:23 p.m.26 views

CVE-2024-36031 keys: Fix overwrite of key expiration on instantiation

In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...

6.7AI score0.00747EPSS
Exploits0References7
OSV
OSV
added 2024/05/30 3:23 p.m.19 views

CVE-2024-36031 keys: Fix overwrite of key expiration on instantiation

In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...

9.8CVSS5.9AI score0.00747EPSS
Exploits0References11
OSV
OSV
added 2024/04/19 11:7 a.m.6 views

OESA-2024-1468 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking...

7.5CVSS4.4AI score0.0075EPSS
Exploits0References2
OSV
OSV
added 2024/04/19 11:7 a.m.8 views

OESA-2024-1465 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking...

7.5CVSS4.4AI score0.0075EPSS
Exploits0References2
Rows per page
Query Builder