Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:20 p.m.9 views

CVE-2021-23937

A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized. This DNS lookup can be engineered to overload an internal DNS server or to...

7.5CVSS6.9AI score0.0426EPSS
Exploits0References1
OSV
OSV
added 2021/05/25 5:15 p.m.18 views

CVE-2021-23937

A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized. This DNS lookup can be engineered to overload an internal DNS server or to...

7.5CVSS6.9AI score
Exploits0References4
CVE
CVE
added 2021/05/25 8:5 a.m.74 views

CVE-2021-23937

The CVE-2021-23937 issue is a DNS proxy/amplification vulnerability in Apache Wicket’s WebClientInfo. The root cause is failure to sanitize the X-Forwarded-For header, allowing arbitrary DNS lookups from the server. Affected versions include Wicket 9.x up to 9.2.0 and prior, 8.x up to 8.11.0 and ...

7.5CVSS7.5AI score0.0426EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/05/25 8:5 a.m.26 views

CVE-2021-23937 DNS proxy and possible amplification attack

A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized. This DNS lookup can be engineered to overload an internal DNS server or to...

7.7AI score0.0426EPSS
Exploits0References4
Rows per page
Query Builder