25 matches found
golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...
PT-2023-34780 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to the pn533 usb send frame function in the Linux Kernel's NFC subsystem, specifically with the pn533 driver. It involves waiting for the completion of out urb in this...
GitLab server-side request forgery vulnerability (CNVD-2021-26069)
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A server-side request forgery vulnerability exists in GitLab, which can be exploited to conduct...
GitLab 代码问题漏洞
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A server-side request forgery vulnerability exists in GitLab, which can be exploited to conduct...
UBUNTU-CVE-2017-6819
In WordPress before 4.7.3, there is cross-site request forgery CSRF in Press This wp-admin/includes/class-wp-press-this.php, leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This...