52 matches found
Critical: php55-pecl-memcached
Issue Overview: PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. CVE-2022-26635 Affected Packages: php55-pecl-memcached Issue Correction: Run yum update php55-pecl-memcached or yum update --advisory ALAS-2023-1671 to update you...
Critical: php-pecl-memcached
Issue Overview: PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. CVE-2022-26635 Affected Packages: php-pecl-memcached Issue Correction: Run yum update php-pecl-memcached or yum update --advisory ALAS-2023-1669 to update your...
Critical: php54-pecl-memcached
Issue Overview: PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. CVE-2022-26635 Affected Packages: php54-pecl-memcached Issue Correction: Run yum update php54-pecl-memcached or yum update --advisory ALAS-2023-1670 to update you...
Critical: php71-pecl-memcached
Issue Overview: PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. CVE-2022-26635 Affected Packages: php71-pecl-memcached Issue Correction: Run yum update php71-pecl-memcached or yum update --advisory ALAS-2023-1674 to update you...
Amazon Linux AMI : php56-pecl-memcached (ALAS-2023-1672)
The version of php56-pecl-memcached installed on the remote host is prior to 2.2.0-5.17. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1672 advisory. PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injectio...
Amazon Linux AMI : php70-pecl-memcached (ALAS-2023-1673)
The version of php70-pecl-memcached installed on the remote host is prior to 3.2.0-1.3. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1673 advisory. PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection...
Amazon Linux AMI : php54-pecl-memcached (ALAS-2023-1670)
The version of php54-pecl-memcached installed on the remote host is prior to 2.1.0-3.10. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1670 advisory. PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injectio...
Amazon Linux AMI : php71-pecl-memcached (ALAS-2023-1674)
The version of php71-pecl-memcached installed on the remote host is prior to 3.2.0-1.4. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1674 advisory. PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection...
Server-Side Request Forgery in Jodd HTTP
Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. These vulnerabilities allow attackers to execute Server-Side Request Forgery SSRF via a crafted TCP payload...
GHSA-PP3C-CF6J-M3FF Server-Side Request Forgery in Jodd HTTP
Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. These vulnerabilities allow attackers to execute Server-Side Request Forgery SSRF via a crafted TCP payload...
CVE-2022-29631
Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. These vulnerabilities allow attackers to execute Server-Side Request Forgery SSRF via a crafted TCP payload...
CVE-2022-29631
Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. These vulnerabilities allow attackers to execute Server-Side Request Forgery SSRF via a crafted TCP payload...
Server side request forgery (ssrf)
Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. These vulnerabilities allow attackers to execute Server-Side Request Forgery SSRF via a crafted TCP payload...
CVE-2022-29631
CVE-2022-29631 affects Jodd HTTP v6.0.9. The issue is described as multiple CLRF injection vulnerabilities in the jodd.http.HttpRequest#set and jodd.http.HttpRequest#send, enabling Server-Side Request Forgery via a crafted TCP payload. The impact is SSRF with network access, as stated in the desc...
CVE-2022-29631
Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. These vulnerabilities allow attackers to execute Server-Side Request Forgery SSRF via a crafted TCP payload...
CVE-2022-29631
Removed by vendor...
CVE-2022-29631
Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. These vulnerabilities allow attackers to execute Server-Side Request Forgery SSRF via a crafted TCP payload...
CVE-2022-26635
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly...
CVE-2022-26635
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly...
ALPINE-CVE-2022-26635
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly...