GO-2021-0108 CRLF vulnerability in Fiber in github.com/gofiber/fiber

Due to improper input sanitization, a maliciously constructed filename could cause a file download to use an attacker controlled filename, as well as injecting additional headers into an HTTP response...

openSUSE 15 Security Update : ceph (openSUSE-SU-2021:1834-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1834-1 advisory. - A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from...

Advisory ROSA-SA-2021-1921

Software: modauthmellon 0.14.0 OS: Cobalt 7.9 CVE-ID: CVE-2019-3878 CVE-Crit: HIGH CVE-DESC: A vulnerability was discovered in modauthmellon before v0.14.2. If Apache is configured as a reverse proxy server and modauthmellon is configured to allow only authenticated users with the require...

Ubuntu 20.04 LTS : Ceph vulnerabilities (USN-4998-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4998-1 advisory. It was discovered that in some situations Ceph logged passwords from the mgr module in clear text. An attacker could use this to expose sensitive...

RHEL 7 / 8 : Red Hat Ceph Storage 4.2 Security and Bug Fix Update (Important) (RHSA-2021:2445)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2445 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage...

ceph-dashboard: Don't use Browser's LocalStorage for storing JWT but Secure Cookies with proper HTTP Headers

A flaw was found in ceph-dashboard. The JSON Web Token JWT used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and...

GHSA-QM57-VHQ3-3FWF Header injection possible in Django

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 with Python 3.9.5+, URLValidator does not prohibit newlines and tabs unless the URLField form field is used. If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffecte...

CVE-2021-23853

In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs...

CVE-2021-23853

CVE-2021-23853 affects Bosch IP cameras, where improper validation of HTTP headers in crafted URLs allows an attacker to inject arbitrary headers. The vulnerability is documented across multiple feeds (NVD entry and vendor ecosystem). Reported impact includes high confidentiality, integrity, and ...

SUSE: Security Advisory (SUSE-SU-2021:1094-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

In Node.js including 6.x before 6.17.0 8.x before 8.15.1 10.x before 10.15.2 and 11.x before 11.10.1 an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121 addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0 8.x before 8.15.1 10.x before 10.15.2 and 11.x before 11.10.1.

...

magicRecon - A Powerful Shell Script To Maximize The Recon And Data Collection Process Of An Objective And Finding Common Vulnerabilities

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats. The new version of MagicRecon has a large number of new too...

CVE-2021-32640

ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. The vulnerability has been fixed in [email protected]...

Cross-Site Scripting (XSS)

ceph is vulnerable to cross-site scripting. The vulnerability exists due to a flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the...

GO-2022-0706 Information disclosure in go.elastic.co/apm

Sensitive HTTP headers may not be properly sanitized before being sent to the APM server if the program panics...

CVE-2021-3524

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...

CVE-2021-3524

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...

Cisco Adaptive Security Appliance Software WebVPN CRLF Injection (cisco-sa-asa-ftd-crlf-inj-BX9uRwSn)

According to its self-reported version, the Clientless SSL VPN WebVPN of Cisco Adaptive Security Appliance ASA Software is affected by an CRLF injection vulnerability due to improper input sanitization. An unauthenticated, remote attacker can exploit this by persuading a user of the interface to...

Cisco Firepower Threat Defense Software WebVPN CRLF Injection (cisco-sa-asa-ftd-crlf-inj-BX9uRwSn)

According to its self-reported version, the Clientless SSL VPN WebVPN of Cisco Firepower Threat Defense FTD Software is affected by an CRLF injection vulnerability due to improper input sanitization. An unauthenticated, remote attacker can exploit this by persuading a user of the interface to cli...

CVE-2021-3524

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...