Hono 数据伪造问题漏洞

Hono is a web framework built in TypeScript for the Hono community. Versions 4.12.0 and 4.12.1 of Hono contain a data manipulation vulnerability. This vulnerability arises from the use of the AWS Lambda adapter after an application load balancer. In this context, the getConnInfo function...

UBUNTU-CVE-2024-45397

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When an HTTP request using TLS/1.3 early data on top of TCP Fast Open or QUIC 0-RTT packets is received and the IP-address-based access control is used, the access control does not detect and prohibit HTTP requests conveyed by...

CVE-2024-45397 H2O alllows bypassing address-based access control with 0-RTT

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When an HTTP request using TLS/1.3 early data on top of TCP Fast Open or QUIC 0-RTT packets is received and the IP-address-based access control is used, the access control does not detect and prohibit HTTP requests conveyed by...

CVE-2024-45397

Technical details (affected versions, fixes, and exploit info) are not provided in the supplied documents. Monitor for updates from vendors and security advisories.

PT-2024-40336 · Symfony2 · Symfony2

Name of the Vulnerable Software and Affected Versions: Symfony2 versions prior to the fixed version Description: A security issue was found in the Request::getClientIp method when the trust proxy mode is enabled. This issue affects applications that use the client IP address for sensitive decisio...

Easy VPN Transition With Zero Trust Access

Akamai recently announced Enterprise Application Access capabilities designed to improve performance and user experience, as well as provide an easy migration away from VPN, reducing complexity and risk. The new capabilities -- IP address-based access, on-premises network detection, and captive...