3 matches found
Security Bulletin: A vulnerability has been identified in the Netty framework used by IBM DevOps Plan (CVE-2025-58057)
Summary A vulnerability has been identified in the Netty framework used by IBM DevOps Plan. Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients...
PT-2024-22687 · Amazon · Amazon S3
Name of the Vulnerable Software and Affected Versions: CarrierWave versions prior to 2.2.6 CarrierWave versions prior to 3.0.7 Description: The issue is caused by the fact that when uploading to object storage, including Amazon S3, it is possible to set a Content-Type value that is interpreted by...
PT-2016-4045 · Varnish · Varnish
Name of the Vulnerable Software and Affected Versions: Varnish versions 3.x through 3.0.6 Description: The issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a r carriage return character in conjunction with...