310 matches found
jetty: double release of resource can lead to information disclosure
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...
jetty: double release of resource can lead to information disclosure
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...
Information Disclosure
firefox is vulnerable to information disclosure. The vulnerability exists as Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox 55...
resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...
resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...
InnoGames: Cache Poisoning via uppercase letters in invalid path
Summary of the issue Cache poisoning vulnerability appears in the request to innogames.com. The issue arises when language path parameter from the url gets processed on the backend to become lowercase. Then if a path provided in X-Forwarded-Host does not exist on the server, 301 response is...
UBUNTU-CVE-2019-17638
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...
resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...
resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...
resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...
ceph14 -- HTTP header injection via CORS ExposeHeader tag
Red Hat bugzilla reports: A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection ...
resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...
CVE-2019-19090
For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping...
Cross site scripting
For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting...
CVE-2019-19002 ABB eSOMS X-XSS-Protection not enabled
For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting...
CVE-2020-5255: Prevent cache poisoning via a Response Content-Type header
More info at https://symfony.com/cve-2020-5255...
CVE-2020-5255: Prevent cache poisoning via a Response Content-Type header
Affected versions Symfony 4.4.0 to 4.4.6 and 5.0.0 to 5.0.6 versions of the Symfony HttpFoundation component are affected by this security issue. The issue has been fixed in Symfony 4.4.7 and 5.0.7. Description When a Response does not contain a Content-Type header, Symfony falls back to the form...
Unspecified Vulnerability in ABB eSOMS (CNVD-2020-19561)
ABB eSOMS is a plant operations management system from ABB Switzerland. ABB eSOMS contains a security vulnerability that originates from not setting a security flag in the HTTP response header, which can be exploited by an attacker to obtain cookie information...
Trend Micro Worry-Free Business Security (WFBS) Multiple Vulnerabilities (1114098)
The remote host is running a version of the Trend Micro WFBS which is affected by multiple vulnerabilities. An attacker who has already gained a foothold on the local WFBS server may manipulate configuration variables in order to access files outside of the web root folder or modify HTTP response...
Crlf injection
Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to CRLF Injection. This is exploitable if untrusted user input can appear in a response header...