15 matches found
EUVD-2024-2505
Malicious code in bioql PyPI...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
IP Address Spoofing
serilog.enrichers.clientinfo is vulnerable to IP Spoofing. The vulnerability is caused due to a failure to validate IP address specified in X-Forwarded-For or Client-Ip headers. This allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or...
Use of Less Trusted Source
Overview Affected versions of this package are vulnerable to Use of Less Trusted Source via the handling of X-Forwarded-For or Client-Ip headers. An attacker can falsify their IP address in log files by specifying an arbitrary IP in these headers while making HTTP requests. Remediation Upgrade...
GHSA-5X5Q-CQF6-GJ8R Serilog Client IP Spoofing vulnerability
Serilog before v2.1.0 contains a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses in log files by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. It is not possible to configure...
Serilog Client IP Spoofing vulnerability
Serilog before v2.1.0 contains a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses in log files by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. It is not possible to configure...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
CVE-2024-44930
Summary of CVE-2024-44930 : Serilog (Serilog.Enrichers.ClientInfo) before v2.1.0 is affected by a Client IP Spoofing vulnerability. Attackers can falsify the client IP by supplying an arbitrary IP in the X-Forwarded-For or Client-Ip headers during HTTP requests. Affected component/functionality i...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
PT-2024-31308 · Serilog · Serilog
Name of the Vulnerable Software and Affected Versions: Serilog versions prior to 2.1.0 Description: The issue allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. This enables attackers to...
serilog-enrichers-clientinfo 安全漏洞
serilog-enrichers-clientinfo is a tool of the Serilog Contrib community. A security vulnerability exists in serilog-enrichers-clientinfo prior to v2.1.0, which stems from a client-side IP spoofing issue that allows an attacker to spoof the IP address of an arbitrary IP by specifying it as the val...
CVE-2024-44930
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests...
Malicious code in Anotar.Sеrilоg.Fody (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Anotar.Sеrilоg.Foԁу (NuGet)
--- -= Per source details. Do not edit below this line.=-...