5 matches found
SUSE-SU-2026:20071-1 Security update for python-tornado6
This update for python-tornado6 fixes the following issues: - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launch header injection or XSS attacks bsc1254903. - CVE-2025-67725: quadratic complexity of string concatenatio...
PT-2024-3314 · Tinyproxy +2
Name of the Vulnerable Software and Affected Versions: Tinyproxy versions 1.10.0 through 1.11.1 Description: A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy. This vulnerability can be triggered by a specially crafted HTTP header, leading to memory...
Apache Tomcat 9.0.0.M1 < 9.0.83
The version of Tomcat installed on the remote host is prior to 9.0.83. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.83_security-9 advisory. - Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-...
Citrix Access Gateway Plug-in for Windows ActiveX Control StartEPA() Method HTTP Response Header Parsing Overflows (CTX134303)
The Citrix Access Gateway ActiveX control for Citrix Access Gateway Enterprise Edition is installed on the remote Windows host. It is the ActiveX component of the Citrix Access Gateway Plug-in for Windows and provides an SSL-based VPN via a web browser. The installed version of this control...
Security Best Practice: Get Yourself Familiar with the Header Rejection Tool
Web servers and applications parse not only the URL, but also the rest of the HTTP header data. Incorrect parsing can lead to buffer overrun attacks and other vulnerabilities. Some exploits use the HTTP headers to cause damage. The exploit can be carried in standard headers, the Host header for exampl...