CVE-2022-29248

Guzzle prior to 6.5.6 and 7.4.3 exposed a cookie-domain validation flaw in the cookie middleware: a response Set-Cookie header could set cookies for unrelated domains if the cookie middleware was enabled (or cookies => true) and the client reused a single Guzzle instance across domains. The co...

CVE-2022-29248 Cross-domain cookie leakage in Guzzle

Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server ...

Drupal 9.2.x < 9.2.20 / 9.3.x < 9.3.14 Drupal Vulnerability (SA-CORE-2022-010)

According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.20 or 9.3.x prior to 9.3.14. It is, therefore, affected by a vulnerability. - Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with t...

dotnet: excess memory allocation via HttpClient causes DoS

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of the Apply MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient...

Oracle Linux 8 : python3 (ELSA-2022-1986)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1986 advisory. - Security fix for CVE-2021-4189: ftplib should not use the host from the PASV response Resolves: rhbz2036020 Tenable has extracted the preceding...

Oracle Linux 8 : python27:2.7 (ELSA-2022-1821)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1821 advisory. - Security fix for CVE-2022-0391: urlparse does not sanitize URLs containing ASCII newline and tabs Resolves: rhbz2047376 - Security fix for...

GHSA-C82R-QG3W-Q5MV Apache Solr insecure inter-node communication

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious...

Insufficient Verification of Data Authenticity in Async Http Client

main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client aka AHC or async-http-client before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate...

GHSA-8H53-FJGG-G42G Insufficient Verification of Data Authenticity in Async Http Client

Async Http Client aka AHC or async-http-client before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate during use of a...

Insufficient Verification of Data Authenticity in Async Http Client

Async Http Client aka AHC or async-http-client before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate during use of a...

au.com.dius.pact:au.com.dius.pact.gradle.plugin (>=2.1.1 <=2.1.12), au.com.dius:pact-jvm-consumer-groovy-v3_2.10 (>=2.2.11 <=2.2.15) +1354 more potentially affected by CVE-2013-7397 via com.ning:async-http-client (>=1.0.0 <=1.9.0-BETA6)

com.ning:async-http-client MAVEN version =1.0.0, =2.1.1, =2.2.11, =2.2.11, =2.0.0, =2.0.0, =2.0-RC3, =2.0.0, =2.0.0, =2.0.4, =2.0-RC3, =2.0.0, =1.11, =2.0.0, =2.0.5, =2.0.5, =3.2.1 and more Source cves: CVE-2013-7397 Source advisory: OSV:GHSA-8H53-FJGG-G42G...

au.com.dius.pact:au.com.dius.pact.gradle.plugin (>=2.1.1 <=2.1.12), au.com.dius:pact-jvm-consumer-groovy-v3_2.10 (>=2.2.11 <=2.2.15) +1354 more potentially affected by CVE-2013-7398 via com.ning:async-http-client (>=1.0.0 <=1.9.0-BETA6)

com.ning:async-http-client MAVEN version =1.0.0, =2.1.1, =2.2.11, =2.2.11, =2.0.0, =2.0.0, =2.0-RC3, =2.0.0, =2.0.0, =2.0.4, =2.0-RC3, =2.0.0, =1.11, =2.0.0, =2.0.5, =2.0.5, =3.2.1 and more Source cves: CVE-2013-7398 Source advisory: OSV:GHSA-5C66-6H6G-6Q6M...

GHSA-5C66-6H6G-6Q6M Insufficient Verification of Data Authenticity in Async Http Client

main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client aka AHC or async-http-client before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate...

AlmaLinux 8 : python38:3.8 and python38-devel:3.8 (ALSA-2022:1764)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1764 advisory. python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass...

AlmaLinux 8 : python3 (ALSA-2022:1986)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1986 advisory. - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP...

dotnet: excess memory allocation via HttpClient causes DoS

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of the Apply MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient...

dotnet: excess memory allocation via HttpClient causes DoS

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of the Apply MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient...

dotnet: excess memory allocation via HttpClient causes DoS

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of the Apply MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient...

Cisco RV340 SSL VPN Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco RV340 SSL VPN Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a stack buffer overflow in the Cisco RV serie...

RHEL 8 : python3 (RHSA-2022:1986)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1986 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...