14 matches found
EUVD-2024-48827
Malicious code in bioql PyPI...
puppet-foreman: An authentication bypass vulnerability exists in Foreman
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...
puppet-foreman: An authentication bypass vulnerability exists in Foreman
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...
puppet-foreman: An authentication bypass vulnerability exists in Foreman
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...
puppet-foreman: An authentication bypass vulnerability exists in Foreman
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...
CVE-2024-7923
An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers,...
CVE-2024-7923
CVE-2024-7923: Authentication bypass in Pulpcore when deployed with Gunicorn
CVE-2024-7923 Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore
An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers,...
CVE-2024-7923 Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore
An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers,...
CVE-2024-7012 Puppet-foreman: an authentication bypass vulnerability exists in foreman
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...
CVE-2024-7012
CVE-2024-7012 describes an authentication bypass in Foreman when deployed with External Authentication, caused by Apache’s mod_proxy failing to unset headers due to underscore handling in HTTP headers. The issue, as stated, could allow an unauthorized user to gain administrative access on all act...
CVE-2024-7012
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...
PT-2024-38689
Name of the Vulnerable Software and Affected Versions Pulpcore versions 3.0 and later Gunicorn versions prior to 22.0 Description An authentication bypass issue has been identified due to Apache's mod proxy not properly unsetting headers because of restrictions on underscores in HTTP headers,...
PT-2024-38030
Name of the Vulnerable Software and Affected Versions Foreman versions 6.13 through 6.15 Foreman with Gunicorn versions prior to 22.0 Description An authentication bypass issue has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This...