15 matches found
EUVD-2024-2505
Malicious code in bioql PyPI...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
IP Address Spoofing
serilog.enrichers.clientinfo is vulnerable to IP Spoofing. The vulnerability is caused due to a failure to validate IP address specified in X-Forwarded-For or Client-Ip headers. This allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or...
Serilog Client IP Spoofing vulnerability
Serilog before v2.1.0 contains a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses in log files by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. It is not possible to configure...
Use of Less Trusted Source
Overview Affected versions of this package are vulnerable to Use of Less Trusted Source via the handling of X-Forwarded-For or Client-Ip headers. An attacker can falsify their IP address in log files by specifying an arbitrary IP in these headers while making HTTP requests. Remediation Upgrade...
GHSA-5X5Q-CQF6-GJ8R Serilog Client IP Spoofing vulnerability
Serilog before v2.1.0 contains a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses in log files by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. It is not possible to configure...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
serilog-enrichers-clientinfo 安全漏洞
serilog-enrichers-clientinfo is a tool of the Serilog Contrib community. A security vulnerability exists in serilog-enrichers-clientinfo prior to v2.1.0, which stems from a client-side IP spoofing issue that allows an attacker to spoof the IP address of an arbitrary IP by specifying it as the val...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
PT-2024-31308 · Serilog · Serilog
Name of the Vulnerable Software and Affected Versions: Serilog versions prior to 2.1.0 Description: The issue allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. This enables attackers to...
CVE-2024-44930
Summary of CVE-2024-44930 : Serilog (Serilog.Enrichers.ClientInfo) before v2.1.0 is affected by a Client IP Spoofing vulnerability. Attackers can falsify the client IP by supplying an arbitrary IP in the X-Forwarded-For or Client-Ip headers during HTTP requests. Affected component/functionality i...
Malicious code in Anotar.Sеrilоg.Fody (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Anotar.Sеrilоg.Foԁу (NuGet)
--- -= Per source details. Do not edit below this line.=-...