155 matches found
ALSA-2025:4791 Moderate: python39:3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: python39:3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
GHSA-XFFP-6W68-4775 Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress`
The Zend\Http\PhpEnvironment\RemoteAddress class provides features around detecting the internet protocol IP address for an incoming proxied request via the X-Forwarded-For header, taking into account a provided list of trusted proxy server IPs. Prior to 2.2.5, the class was not taking into accou...
Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress`
The Zend\Http\PhpEnvironment\RemoteAddress class provides features around detecting the internet protocol IP address for an incoming proxied request via the X-Forwarded-For header, taking into account a provided list of trusted proxy server IPs. Prior to 2.2.5, the class was not taking into accou...
Improper Input Validation
Symfony is vulnerable to Improper Input Validation. The vulnerability is due to trusting the remote address when at least one trusted proxy is involved, allowing an attacker to manipulate HTTP header values...
PT-2024-40188 · Silverstripe · Silverstripe
Name of the Vulnerable Software and Affected Versions: SilverStripe affected versions not specified Description: The issue allows spoofing of HTTP headers, which can lead to various security problems, including bypassing IP restrictions and SSL enforcement. This is due to SilverStripe trusting...
SUSE CVE-2023-49792
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4; when a reverse proxy is configured as truste...
Nextcloud Security Breach
Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. A security vulnerability exists in Nextcloud Server that stems from the fact that when a proxy is configured as a trusted proxy, the server may be tricked...
PT-2023-8424 · Nextcloud +2 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 26.0.9 and 27.1.4 Nextcloud Enterprise Server versions prior to 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4 Description: The issue is related to the lack of restrictions on authentication attempts,...
CVE-2023-50463
The caddy-geo-ip aka GeoIP middleware through 0.6.0 for Caddy 2, when trustheader X-Forwarded-For is used, allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism trustedproxy directive in reverseproxy or IP address range restrictio...
CVE-2023-50463
The caddy-geo-ip aka GeoIP middleware through 0.6.0 for Caddy 2, when trustheader X-Forwarded-For is used, allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism trustedproxy directive in reverseproxy or IP address range restrictio...
PT-2023-31567 · Caddy · Caddy-Geo-Ip
Name of the Vulnerable Software and Affected Versions: caddy-geo-ip versions 0.6.0 and earlier for Caddy 2 Description: The issue allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism, such as the trusted proxy directive in revers...
CVE-2023-34036
Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle and possibly discard...
Design/Logic Flaw
Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle and possibly discard...
CVE-2023-34036 Forwarded header exploit with Spring HATEOAS on WebFlux
Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle and possibly discard...
CVE-2023-34036 Forwarded header exploit with Spring HATEOAS on WebFlux
Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle and possibly discard...
SUSE CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...
SUSE-SU-2022:4013-1 Security update for apache2-mod_wsgi
This update for apache2-modwsgi fixes the following issues: - CVE-2022-2255: Hardened the trusted proxy header filter to avoid bypass. bsc1201634...
SUSE-SU-2022:4010-1 Security update for apache2-mod_wsgi
This update for apache2-modwsgi fixes the following issues: - CVE-2022-2255: Hardened the trusted proxy header filter to avoid bypass. bsc1201634...
httpd: null-pointer dereference in mod_remoteip
A vulnerability was discovered in Apache httpd, in modremoteip. A trusted proxy using the "PROXY" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences. This issue...