CLSA-2024-1710436895 squid: Fix of CVE-2024-25617

CVE-2024-25617: Improve handling of expanding HTTP header values to prevent DoS...

CLSA-2024-1710436449 Fix CVE(s): CVE-2024-25617

SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617...

Cross site scripting

The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Referer' HTTP header in all versions up to, and including, 1.6.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

CVE-2024-0386

CVE-2024-0386 : The weForms plugin for WordPress is vulnerable to a stored XSS via the Referer header in all versions up to 1.6.21, caused by insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject arbitrary scripts that will execute in pages viewed by...

CVE-2024-1226

The CVE-2024-1226 entry concerns Rejetto Http File Server, where the software does not properly neutralize certain characters when data is placed in outgoing HTTP headers. This header injection can allow an attacker to control the HTTP response and potentially perform cross-site scripting and cac...

Description of the security update for SharePoint Server 2019: March 12, 2024 (KB5002562)

Description of the security update for SharePoint Server 2019: March 12, 2024 KB5002562 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-21426...

weForms < 1.6.22 - Unauthenticated Stored Cross-Site Scripting via Referer

Description The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Referer' HTTP header in all versions up to, and including, 1.6.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

BIT-MEDIAWIKI-2021-42045

An issue was discovered in SecurePoll in the Growth extension in MediaWiki through 1.36.2. Simple polls allow users to create alerts by changing their User-Agent HTTP header and submitting a vote...

BIT-GOLANG-2022-41717 Excessive memory growth in net/http and golang.org/x/net/http2

An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...

BIT-DJANGO-2021-32052

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 with Python 3.9.5+, URLValidator does not prohibit newlines and tabs unless the URLField form field is used. If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffecte...

BIT-FLINK-2020-17518 Apache Flink directory traversal attack: remote file writing through the REST API

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2023-38944

An issue in Multilaser RE160V firmware v12.03.01.09pt and Multilaser RE163V firmware v12.03.01.10pt allows attackers to bypass the access control and gain complete access to the application via modifying a HTTP header...

Improper access control

An issue in Multilaser RE160V firmware v12.03.01.09pt and Multilaser RE163V firmware v12.03.01.10pt allows attackers to bypass the access control and gain complete access to the application via modifying a HTTP header...

CVE-2022-22399

IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM...

Cross site scripting

IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM...

CVE-2022-22399 IBM Aspera Faspex HTTP header injection

IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM...

CVE-2022-22399 IBM Aspera Faspex HTTP header injection

IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM...

HTTP Header Injection

FullStackHero.WebAPI.Boilerplate is vulnerable to HTTP Header Injection. The vulnerability is due to insufficient input validation in the forgotten password functionality. This allows an attacker to manipulate the host header and leak sensitive information...

CVE-2023-38944

CVE-2023-38944 affects Multilaser RE160V (firmware 12.03.01.09_pt) and RE163V (12.03.01.10_pt) with an access-control bypass via HTTP header manipulation, granting full app access. Public exploitation details are not provided in the supplied documents. The PT advisory notes workarounds such as re...