SUSE CVE-2020-5420

Cloud Foundry Routing Gorouter versions prior to 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters...

CVE-2022-22577

An XSS Vulnerability in Action Pack = 5.2.0 and 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses...

UBUNTU-CVE-2022-22577

An XSS Vulnerability in Action Pack = 5.2.0 and 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses...

USN-4981-1 squid, squid3 vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. CVE-2021-28651 Joshua Rogers discovered that Squid incorrectly handled requests to the Cache...

squid: wrong error handling for malformed HTTP responses

It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response...