CVE-2022-38113

CVE-2022-38113 corresponds to an information-disclosure vulnerability in SolarWinds Security Event Manager (SEM). The issue stems from server response headers disclosing build and service-version information, enabling an attacker to determine software aging and lineage. Public sources consistentl...

HTTP response splitting in CGI

If an application that generates HTTP responses using the cgi gem with untrusted user input, an attacker can exploit it to inject a malicious HTTP response header and/or body. Also, the contents for a CGI::Cookie object were not checked properly. If an application creates a CGI::Cookie object bas...

Cisco Secure Email and Web Manager (SMA) HTTP Response Header Injection (cisco-sa-ESA-HTTP-Inject-nvsycUmR)

According to its self-reported version, Cisco Secure Email and Web Manager SMA is affected by a vulnerability due to a failure to sanitize input values. An unauthenticated, remote attacker can exploit this, by injecting malicious HTTP headers, in order to conduct an HTTP response splitting attack...

Batched HTTP requests may set incorrect `cache-control` response header

Impact In Apollo Server 3 and 4, the cache-control HTTP response header may not reflect the cache policy that should apply to an HTTP request when that HTTP request contains multiple operations using HTTP batching. This could lead to data being inappropriately cached and shared. Apollo Server...

nginx 1.1.x < 1.23.2 / 1.0.x < 1.22.1 Memory Disclosure

According to its Server response header, the installed version of nginx is 1.0.x prior to 1.22.1 or 1.1.x prior to 1.23.2. It is, therefore, affected by a memory disclosure in the ngxhttpmp4module that allows an attacker to cause a worker process crash or worker process memory disclosure. The...

CVE-2019-14841

A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console...

CVE-2019-14841

A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console...

CVE-2019-14841

CVE-2019-14841 affects Red Hat Decision Manager (RHDM) . An authenticated attacker can mutate their role in the HTTP response header, enabling escalation to admin privileges in the Business Central Console . Root cause: improper handling of role assignment in header processing within RHDM. Impact...

CVE-2022-3260

The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking attack.. Some browsers would interpret these results incorrectly, allowing clickjacking attacks...

Bypass open redirect protection

Description I could bypass the open redirect protection on the application after parsing the redirect function using the following payload http://[email protected]/ and the payload with the link in the following...

HashiCorp go-getter unsafe downloads

HashiCorp go-getter through 2.0.2 does not safely perform downloads. Protocol switching, endless redirect, and configuration bypass were possible via abuse of custom HTTP response header processing...

CVE-2022-26945

go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0...

CVE-2022-26945

The CVE-2022-26945 entry concerns HashiCorp go-getter, where affected versions include up to 1.5.11 and 2.0.2. The root issue is abuse of custom HTTP response header processing that enables protocol switching, endless redirects, and a configuration bypass. Mitigation/fix is available: go-getter 1...

CVE-2022-26945

go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0...

GHSA-JQM6-M3J3-8GG9 Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch

A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user...

GHSA-JVX9-RJ3W-JQ99 Origin Validation Error in Apache NiFi

Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin...

Authentication Bypass

ngxhttpluamodule is vulnerable to authentication bypass. The vulnerability exists because it doesn't properly restrict the user inputs which allows an attacker to insert unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CyberArk Identity Security Feature Issue Vulnerability

CyberArk Identity, a CyberArk company, provides the most complete identity security platform to secure all identities from end-to-end.CyberArk Identity is vulnerable to a security signature issue that stems from the fact that the StartAuthentication resource exposes the response header X-CFY-TX-T...

CVE-2022-22700

CyberArk Identity (versions up to 22.1) exposes the response header X-CFY-TX-TM in the StartAuthentication resource. In certain configurations this header contains predictable value ranges that can be used to infer whether a user exists in the tenant. The CVE is CVE-2022-22700; it is a header lea...

CVE-2022-0155

A flaw was found in follow-redirects when fetching a remote URL with a cookie when it gets to the Location response header. This flaw allows an attacker to hijack the account as the cookie is leaked...