HTTP Request smuggling in tiny_http
HTTP pipelining issues and request smuggling attacks are possible due to incorrect Transfer-Encoding header parsing. It is possible to conduct HTTP request smuggling attacks (CL.TE and TE.TE) by sending invalid Transfer-Encoding headers. By manipulating the HTTP response the attacker could poison a...
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters
The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request...
Moderate: Red Hat Security Advisory: python27 security update
An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, whi...
Security Bulletin: Potential vulnerability with Node.js
Summary A potential vulnerability has been identified related to Node.js. Refer to details for additional information. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERAL_NAME_cmp function contain...
Security Bulletin: Netty Vulnerability Affects IBM Watson Machine Learning on CP4D (CVE-2021-21409)
Summary Netty is vulnerable to request smuggling, caused by missing validation of the Content-Length header, and this affects IBM Watson Machine Learning on CP4D. Vulnerability Details CVEID: CVE-2021-21409 DESCRIPTION: Netty is vulnerable to request smuggling, caused by improper...
Security Bulletin: akka-http-core Vulnerability Affects IBM Watson Machine Learning on CP4D (CVE-2021-23339)
Summary akka-http-core is vulnerable to request smuggling because it allows multiple Transfer-Encoding headers, and this affects IBM Watson Machine Learning on CP4D. Vulnerability Details CVEID: CVE-2021-23339 DESCRIPTION: com.typesafe.akka:akka-http-core is vulnerable to request smuggling, caused by improper validation of request. By...
Shopify: Shopify.com Web Cache Deception vulnerability leads to personal information and CSRF tokens leakage
Shopify.com Web Cache Deception Vulnerability. Matteo Golinelli, July 21, 2021. I am testing websites for possible Web Cache Deception vulnerabilities (you can find more about it here) and I discovered that shopify.com is vulnerable. Web cache deception (WCD) is an attack where an attacker tricks a...
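The mechanics behind the report above, as an added example that is neither Shopify's code nor the reporter's: a tolerant /account route answers any sub-path with the account page, while an edge cache caches anything whose URL ends in a static extension without looking at the session. The session data, paths and cache policy are constructed for the demonstration; the two remedies shown (strict routing that returns 404 for unknown sub-paths, and a cache that honours the origin's Cache-Control: no-store) are general fixes, not something the report states Shopify applied.

```python
"""Added example, not Shopify's code or the reporter's: web cache deception
from a tolerant /account route behind an extension-keyed edge cache."""

STATIC_EXT = (".css", ".js", ".png")


def account_handler(path, session, strict=False):
    """Origin for /account. Returns (status, headers, body).
    strict=False: any path under /account/ is answered with the account page
    (the tolerant routing that makes deception possible).
    strict=True: only the exact route exists; everything else is 404."""
    served = path == "/account" or (not strict and path.startswith("/account/"))
    if not served:
        return 404, {"Cache-Control": "no-store"}, "not found"
    if session is None:
        return 302, {"Cache-Control": "no-store"}, "redirect to login"
    body = f"email={session['email']};csrf={session['csrf']}"
    return 200, {"Cache-Control": "no-store"}, body


class EdgeCache:
    """Caches by path whenever the path looks static. With
    honour_cache_control=True it also respects the origin's no-store."""

    def __init__(self, honour_cache_control=False):
        self.honour = honour_cache_control
        self.store = {}

    def get(self, path, session, origin):
        looks_static = path.endswith(STATIC_EXT)
        if looks_static and path in self.store:
            return self.store[path]            # served from cache, session ignored
        resp = origin(path, session)
        no_store = "no-store" in resp[1].get("Cache-Control", "")
        if looks_static and not (self.honour and no_store):
            self.store[path] = resp
        return resp


VICTIM_SESSION = {"email": "victim@example.test", "csrf": "tok-1234"}  # constructed


def run_deception(strict=False, honour_cache_control=False):
    """The logged-in victim opens the lure URL, then the attacker (no session)
    fetches the same URL. Returns the attacker's (status, body)."""
    cache = EdgeCache(honour_cache_control)

    def origin(path, session):
        return account_handler(path, session, strict)

    cache.get("/account/lure.css", VICTIM_SESSION, origin)
    status, _, body = cache.get("/account/lure.css", None, origin)
    return status, body


if __name__ == "__main__":
    print("vulnerable:          ", run_deception())
    print("strict routing:      ", run_deception(strict=True))
    print("cache honours no-store:", run_deception(honour_cache_control=True))
```

Either fix alone closes the leak: strict routing means the lure URL never carries private data, and a cache that respects no-store never stores it in the first place.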
Security Bulletin: A vulnerability in netty affects IBM Spectrum Scale Transparent Cloud Tiering (CVE-2021-21295)
Summary Netty is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-21295 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by improper validation of...
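The CL.TE desynchronisation that the tiny_http, Netty (CVE-2021-21295, CVE-2021-21409) and akka-http-core (CVE-2021-23339) entries above all describe, as an added example that is not code from any of those projects. It applies two framing policies to one constructed byte stream: a front-end that honours Content-Length even when Transfer-Encoding is present, and a back-end that follows RFC 7230 and lets chunked framing win. The request bytes, host names and the /admin path are constructed.

```python
"""Added example for this page (not code from tiny_http, Netty or
akka-http-core): two HTTP/1.1 framing policies applied to one constructed
byte stream, showing the CL.TE desynchronisation the advisories describe."""

CRLF = b"\r\n"


def _parse_head(raw):
    """Split off request line and headers; return (request_line, headers, body)."""
    head, _, body = raw.partition(CRLF + CRLF)
    lines = head.split(CRLF)
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers, body


def _read_chunked(body):
    """Decode a chunked body (no trailers assumed); return (decoded, rest)."""
    out, pos = b"", 0
    while True:
        eol = body.index(CRLF, pos)
        size = int(body[pos:eol].split(b";")[0], 16)
        pos = eol + 2
        if size == 0:
            return out, body[pos + 2:]        # skip the empty line ending the body
        out += body[pos:pos + size]
        pos += size + 2                       # chunk data plus its CRLF


def split_stream(stream, policy):
    """Split a byte stream into (request_line, body) messages.

    policy "cl-first": honour Content-Length whenever present, even next to
        Transfer-Encoding (the broken behaviour behind CL.TE).
    policy "te-first": honour Transfer-Encoding: chunked and ignore
        Content-Length, as RFC 7230 section 3.3.3 requires.
    """
    msgs, rest = [], stream
    while rest.strip():
        request_line, headers, body = _parse_head(rest)
        hdr = dict(headers)                   # last duplicate wins, enough here
        cl = hdr.get(b"content-length")
        te = hdr.get(b"transfer-encoding")
        chunked = te is not None and te.lower().endswith(b"chunked")
        if not chunked or (policy == "cl-first" and cl is not None):
            n = int(cl or 0)
            msgs.append((request_line, body[:n]))
            rest = body[n:]
        else:
            decoded, rest = _read_chunked(body)
            msgs.append((request_line, decoded))
    return msgs


# Constructed attack stream: the attacker's POST carries both framing headers.
# Content-Length (36) covers everything up to the smuggled prefix, while the
# chunked body ends at the "0" chunk. A victim's GET follows on the same
# connection and is swallowed into the smuggled request's X-Ignore header.
SMUGGLED = b"0\r\n\r\nGET /admin HTTP/1.1\r\nX-Ignore: "
ATTACK_STREAM = (
    b"POST / HTTP/1.1\r\nHost: example.test\r\n"
    b"Content-Length: " + str(len(SMUGGLED)).encode() + b"\r\n"
    b"Transfer-Encoding: chunked\r\n\r\n"
    + SMUGGLED
    + b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"   # victim's request
)


def request_lines(stream, policy):
    """Request lines each side believes it received."""
    return [line for line, _ in split_stream(stream, policy)]


if __name__ == "__main__":
    print("front-end (cl-first):", request_lines(ATTACK_STREAM, "cl-first"))
    print("back-end  (te-first):", request_lines(ATTACK_STREAM, "te-first"))
```

The front-end forwards two requests to / and never sees /admin; the back-end sees a request to /admin whose X-Ignore header contains the victim's request line. The `dict(headers)` call is where a duplicate Transfer-Encoding header (the akka-http-core case) would silently pick one value, which is why a conforming parser should reject messages with conflicting framing rather than choose.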
CVE-2016-6816
It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP...
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2021-2159)
The remote host is missing an update for the Huawei EulerOS python package.
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2021-2096)
The remote host is missing an update for the Huawei EulerOS python package.
EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2021-2159)
According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if...
EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2021-2096)
According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities: - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF...
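Both the CVE-2016-6816 entry (invalid characters accepted in the request line) and the http.client CRLF-injection entries above come down to one missing check: request-line components must be restricted to the RFC 7230 character sets before they are formatted or parsed. The following is an added example written for this page, not CPython's http.client or Tomcat's parser. It shows a naive client that concatenates an unchecked method and thereby emits an injected header, the client-side check that refuses it, and the strict server-side parse that a proxy and origin must share if they are to agree. The method, target and header values are constructed.

```python
"""Added example for this page (not CPython's http.client or Tomcat's
parser): one RFC 7230 character check used on both sides of the CRLF
problem, client-side formatting and server-side parsing."""
import re

# RFC 7230 token characters (tchar), the only characters a method may contain
_TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
# request-target: visible ASCII only, so no SP, CR, LF or other controls
_TARGET = re.compile(r"[\x21-\x7e]+")
_VERSION = re.compile(r"HTTP/\d\.\d")


def build_request_line(method, target, version="HTTP/1.1"):
    """Naive client: format without validating, as the vulnerable code did."""
    return f"{method} {target} {version}\r\n"


def validate_parts(method, target):
    """Raise ValueError for any method or target that could split the line."""
    if not _TOKEN.fullmatch(method):
        raise ValueError(f"invalid method {method!r}")
    if not _TARGET.fullmatch(target):
        raise ValueError(f"invalid request-target {target!r}")


def safe_request_line(method, target, version="HTTP/1.1"):
    """Client-side fix: refuse before anything reaches the wire."""
    validate_parts(method, target)
    return build_request_line(method, target, version)


def headers_seen_by_server(raw_head):
    """Header names a server finds after the first line of `raw_head`."""
    lines = raw_head.split("\r\n")
    return [l.split(":", 1)[0].lower() for l in lines[1:] if ":" in l]


def parse_request_line(line):
    """Server-side strict parse: exactly 'method SP target SP version',
    every component checked against the grammar above."""
    parts = line.split(" ")
    if len(parts) != 3:
        raise ValueError("request line must have exactly three parts")
    method, target, version = parts
    validate_parts(method, target)
    if not _VERSION.fullmatch(version):
        raise ValueError(f"invalid version {version!r}")
    return method, target, version


def rejects(fn, *args):
    """True if fn(*args) raises ValueError; used to check the guards."""
    try:
        fn(*args)
    except ValueError:
        return True
    return False


# Constructed attacker-controlled "method" for the client-side case: it
# terminates the real request line and appends a header of its own.
EVIL_METHOD = "GET / HTTP/1.1\r\nX-Injected: 1\r\nGET"

if __name__ == "__main__":
    raw = build_request_line(EVIL_METHOD, "/")
    print("naive client emits headers:", headers_seen_by_server(raw))
    print("safe client rejects:", rejects(safe_request_line, EVIL_METHOD, "/"))
    print("strict server:", parse_request_line("GET /index.html HTTP/1.1"))
    print("strict server rejects VT in target:",
          rejects(parse_request_line, "GET /a\x0bb HTTP/1.1"))
```

The server-side half is the CVE-2016-6816 lesson: a parser that tolerates a control character such as 0x0B inside the target will disagree with a proxy that splits the line differently, so the origin must be at least as strict as anything in front of it.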
Cached redirect poisoning via X-Forwarded-Host header
A user supplied X-Forwarded-Host header can be used to perform cache poisoning of a cache fronting a Ratpack server if the cache key does not include the X-Forwarded-Host header as a cache key. Users are only vulnerable if they do not configure a custom PublicAddress instance. A custom...
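The poisoning described above, as an added example that is not Ratpack's code: a cache keyed only on the request path sits in front of an application that builds its redirect Location from X-Forwarded-Host. The example shows the poisoned redirect a later user receives, then the two remedies the advisory points at, a fixed public address configured on the application (the equivalent of a custom PublicAddress) and the forwarded host included in the cache key. Host names and paths are constructed.

```python
"""Added example, not Ratpack's code: a path-keyed cache in front of an app
that builds its redirect Location from X-Forwarded-Host."""

CANONICAL_HOST = "app.example.test"


def app_redirect(path, headers, public_host=None):
    """Origin: 302 to the canonical form of `path` (trailing slash removed).
    With public_host=None the app trusts X-Forwarded-Host (vulnerable);
    with a configured public host the header is ignored (the fix)."""
    host = public_host or headers.get("x-forwarded-host", headers["host"])
    return f"https://{host}{path.rstrip('/')}"


class PathCache:
    """Caches redirects by path plus whichever headers are named as keys."""

    def __init__(self, key_headers=()):
        self.key_headers = tuple(key_headers)
        self.store = {}

    def fetch(self, path, headers, origin):
        key = (path,) + tuple(headers.get(h, "") for h in self.key_headers)
        if key not in self.store:
            self.store[key] = origin(path, headers)
        return self.store[key]


def run_scenario(public_host=None, key_headers=()):
    """The attacker primes the cache, then a victim asks for the same path.
    Returns the Location the victim receives."""
    cache = PathCache(key_headers)
    attacker = {"host": CANONICAL_HOST, "x-forwarded-host": "evil.test"}
    victim = {"host": CANONICAL_HOST}

    def origin(path, headers):
        return app_redirect(path, headers, public_host)

    cache.fetch("/login/", attacker, origin)          # poisons the path key
    return cache.fetch("/login/", victim, origin)      # victim gets the cached copy


if __name__ == "__main__":
    print("vulnerable:        ", run_scenario())
    print("fixed public host: ", run_scenario(public_host=CANONICAL_HOST))
    print("XFH in cache key:  ", run_scenario(key_headers=("x-forwarded-host",)))
```

Keying the cache on X-Forwarded-Host stops the cross-user poisoning but still lets the attacker obtain a redirect to a host of their choosing; configuring the public address on the application removes the attacker's influence entirely, which is why the advisory treats a custom PublicAddress as the real fix.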
Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2021-2022)
The remote host is missing an update for the Huawei EulerOS python2 package.
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2021-2028)
The remote host is missing an update for the Huawei EulerOS python package.
EulerOS Virtualization 3.0.6.6 : python (EulerOS-SA-2021-2028)
According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in ctypes/callproc.c, which may lead to remote code execution in...
EulerOS Virtualization for ARM 64 3.0.6.0 : python2 (EulerOS-SA-2021-2022)
According to the version of the python2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability: - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9...
EulerOS Virtualization for ARM 64 3.0.6.0 : python3 (EulerOS-SA-2021-2007)
According to the versions of the python3 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities: - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from...
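The parameter-cloaking split behind the urllib.parse.parse_qsl and parse_qs entry near the top of this list and the EulerOS python2/python3 advisories just above (the same python/cpython issue, fixed in 3.6.13, 3.7.10, 3.8.8 and later), as an added example that is not CPython's code. `legacy_parse_qs` re-implements the pre-fix rule of splitting on both `&` and `;`; the fixed standard library splits on `&` only and exposes a `separator` argument. The front-end cache, its list of unkeyed tracking parameters and the query strings are constructed for the demonstration.

```python
"""Added example (not CPython's code): the parameter-cloaking split that the
parse_qs/parse_qsl advisories describe, with the cache-key consequence."""
from urllib.parse import parse_qs


def legacy_parse_qs(qs):
    """Pre-fix behaviour: every '&' and every ';' separates a pair."""
    result = {}
    for chunk in qs.split("&"):
        for pair in chunk.split(";"):
            if not pair:
                continue
            key, _, value = pair.partition("=")
            result.setdefault(key, []).append(value)
    return result


def fixed_parse_qs(qs):
    """Post-fix stdlib behaviour; '&' is the default, passed explicitly here."""
    return parse_qs(qs, separator="&")


def cache_key(path, qs, unkeyed=("utm_id",)):
    """Assumed front-end cache: splits on '&' only and leaves tracking
    parameters out of the key, so two URLs differing only in utm_id share
    one cached response."""
    params = fixed_parse_qs(qs)
    kept = sorted((k, ",".join(v)) for k, v in params.items() if k not in unkeyed)
    return path + "?" + "&".join(f"{k}={v}" for k, v in kept)


def rendered_query(qs, parser):
    """What the application echoes into the page: the last 'q' value as the
    given parser sees it."""
    return parser(qs).get("q", [""])[-1]


# Attacker's URL: for the '&'-only proxy the payload is just part of the
# unkeyed utm_id value; a ';'-splitting backend sees a second q parameter.
ATTACK_QS = "q=safe&utm_id=x;q=<script>evil</script>"
VICTIM_QS = "q=safe"

if __name__ == "__main__":
    print("attacker key:", cache_key("/search", ATTACK_QS))
    print("victim key:  ", cache_key("/search", VICTIM_QS))
    print("legacy backend renders:", rendered_query(ATTACK_QS, legacy_parse_qs))
    print("fixed backend renders: ", rendered_query(ATTACK_QS, fixed_parse_qs))
```

The two URLs collapse to the same cache key, so whatever the legacy backend renders for the attacker's request is what the cache serves to everyone searching for `q=safe`. With the fixed parser both sides split on `&` alone and the payload stays inside `utm_id`, where the page never echoes it.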