873 matches found
Security Bulletin: Vulnerabilities in Node.js affect IBM Spectrum Control (CVE-2020-8201, CVE-2020-8252)
Summary Node.js is vulnerable to HTTP request smuggling and to a buffer overflow which can affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-8201 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion. By sending specially crafted HTTP...
Web Cache Poisoning
Overview Affected versions of this package are vulnerable to Web Cache Poisoning. It accepts the Accept-Version header by default, and if versioned routes are not being used, this could lead to a denial of service. Accept-Version can be used as an unkeyed header in a cache poisoning attack...
CVE-2019-4552
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the...
CVE-2019-4552
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the...
Cross site scripting
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the...
CVE-2019-4552
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the...
CVE-2019-4552
CVE-2019-4552 affects IBM Security Access Manager (ISAM) 9.0.7 and IBM Security Verify Access (ISVA) 10.0.0. The vulnerability is an HTTP response splitting flaw that a remote attacker can trigger by clicking a specially crafted URL, potentially enabling web cache poisoning, cross-site scripting,...
Web Cache Poisoning
Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...
Web Cache Poisoning
Amendment This was deemed not a vulnerability. Overview tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed. Affected versions of this package are vulnerable to Web Cache Poisoning. The root cause of this vulnerability was determined to by a...
Web Cache Poisoning
Overview Affected versions of this package are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with defaul...
Reddit: Image queue default key of 'None' and GraphQL unhandled type exception
Summary: I started testing for unrestricted file uploads and quickly discovered a way to upload a corrupted file into Reddit. I was able to bypass the MIME type of uploaded files first by uploading a normal PNG file to Reddit, intercepting the request with burp, and changing the content type from...
Security Bulletin: IBM Cloud Private is vulnerable to a Netty vulnerability (CVE-2020-7238)
Summary IBM Cloud Private is vulnerable to a Netty vulnerability Vulnerability Details CVEID: CVE-2020-7238 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling Transfer-Encoding whitespace and a later Content-Length header. By sending a specially-crafted...
CVE-2020-10687
A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS...
Design/Logic Flaw
A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS...
CVE-2020-10687
A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
Awesome Web Security 🐶 Curated list of Web Security materials and resources. Needless to say, most websites suffer from various types of bugs which may eventually lead to vulnerabilities. Why would this happen so often? There can be many factors involved including misconfiguration, shortage of...
HTTP Request Smuggling
wildfly-undertow is vulnerable to HTTP request smuggling. The vulnerability exists against HTTP/1.x and HTTP/2 due to an incomplete fix for CVE-2017-2666, permitting invalid characters in an HTTP request. An attacker is able to poison a web-cache, perform an XSS attack, or obtain sensitive...
Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from...
Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from...
Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from...