77 matches found
USN-7372-1: Varnish vulnerability
Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use this issue to perform a cross-site request forgery CSRF attack...
CVE-2025-0752
A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header sanitization in Envoy...
CVE-2025-0754
The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for header. This lack of sanitization can allow attackers to inject malicious payloads into service mesh logs, leading to lo...
CVE-2025-0752
A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header sanitization in Envoy...
CVE-2025-0754 Envoyproxy: openshift service mesh 2.6.3 and 2.5.6 envoy header handling allows log injection and potential spoofing
The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for header. This lack of sanitization can allow attackers to inject malicious payloads into service mesh logs, leading to lo...
CVE-2025-0752 Envoyproxy: openshift service mesh envoy http header sanitization bypass leading to dos and unauthorized access
A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header sanitization in Envoy...
CVE-2025-0752 Envoyproxy: openshift service mesh envoy http header sanitization bypass leading to dos and unauthorized access
A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header sanitization in Envoy...
CVE-2025-0752
OpenShift Service Mesh (versions 2.5.6 and 2.6.3) is affected by a vulnerability in Envoy related to improper HTTP header sanitization. The underlying issue can enable rate-limiter circumvention, bypass of access controls, and may lead to CPU and memory exhaustion and replay attacks. The CVE desc...
PT-2025-4041 · Red Hat · Openshift Service Mesh
Name of the Vulnerable Software and Affected Versions: OpenShift Service Mesh versions 2.5.6 through 2.6.3 Description: The issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for header. This lack of sanitization can allow attackers to inject maliciou...
OESA-2024-2465 rubygem-actionpack security update
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: A Cross-site Scripting XSS vulnerability was found in Actionpack due to...
Security update for etcd
This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...
djangorestframework: Cross-site Scripting (XSS) via break_long_headers
A vulnerability was found in the djangorestframework package. Cross-site scripting occurs via the breaklongheaders template filter due to improper input sanitization before splitting and joining with tags...
CVE-2024-29022 Session Hijacking via XSS attack in header and session grid in Xibo CMS
Xibo is an Open Source Digital Signage platform with a web content management system and Windows display player software. In affected versions some request headers are not correctly sanitised when stored in the session and display tables. These headers can be used to inject a malicious script int...
Input validation
Trillium is a composable toolkit for building internet applications with async rust. In trillium-http prior to 0.3.12 and trillium-client prior to 0.5.4, insufficient validation of outbound header values may lead to request splitting or response splitting attacks in scenarios where attackers have...
PT-2023-12039 · Elastic · Apm .Net Agent
Name of the Vulnerable Software and Affected Versions: Elastic APM .NET Agent affected versions not specified Description: The issue concerns the Elastic APM .NET Agent leaking sensitive HTTP header information when logging application error details. Normally, the agent sanitizes sensitive HTTP...
SUSE-SU-2023:3841-1 Security update for go1.19-openssl
This update for go1.19-openssl fixes the following issues: Update to version 1.19.13 bsc1200441. - CVE-2023-29409: Fixed unrestricted RSA keys in certificates bsc1213880. - CVE-2023-29406: Fixed insufficient sanitization of Host header bsc1213229. The following non-security bug was fixed: - Add...
SUSE-SU-2023:2845-1 Security update for go1.19
This update for go1.19 fixes the following issues: go was updated to version 1.19.11 bsc1200441: - CVE-2023-29406: Fixed insufficient sanitization of Host header in net/http bsc1213229...
PT-2023-13664 · Unknown · Bluepage Cms
Name of the Vulnerable Software and Affected Versions: BluePage CMS versions 3.9 and earlier Description: The issue allows MySQL Injection in the User-Agent field using a Time-based blind SLEEP payload due to insufficient sanitization of HTTP Headers. Recommendations: For BluePage CMS versions 3....
PT-2023-2245 · Envoy · Envoy
Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.26.0 Envoy versions prior to 1.25.3 Envoy versions prior to 1.24.4 Envoy versions prior to 1.23.6 Envoy versions prior to 1.22.9 Description: The issue is related to the insufficient sanitization of request propertie...
@netlify/ipx vulnerable to Full Response SSRF and Stored XSS via Cache Poisoning and Improper Host Validation
Impact By sending specially crafted headers an attacker can bypass the source image domain allowlist, causing the handler to load and return arbitrary images. Because the response is cached globally, this image will then be served to visitors without requiring those headers to be set. XSS can be...