Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2022/10/05 12:0 a.m.100 views

Debian DSA-5246-1 : mediawiki - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5246 advisory. - An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite...

8.1CVSS6.6AI score0.0182EPSS
Exploits3References33
OpenVAS
OpenVAS
added 2022/09/19 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2022-0338)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.8AI score0.0182EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2022/06/10 12:0 a.m.48 views

Drupal 9.2.x < 9.2.21 / 9.3.x < 9.3.16 Drupal Multiple Vulnerabilities (SA-CORE-2022-011)

According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.21, 9.3.x prior to 9.3.16 or 9.4.x prior to 9.4.0-rc2. It is, therefore, affected by multiple vulnerabilities. - Guzzle is an open source PHP HTTP client. In affected versions the...

7.5CVSS7.2AI score0.0182EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2022/06/09 12:0 a.m.8 views

CVE-2022-31042 Failure to strip the Cookie header on change in host or HTTP downgrade in Guzzle

Guzzle is an open source PHP HTTP client. In affected versions the Cookie headers on requests are sensitive information. On making a request using the https scheme to a server which responds with a redirect to a URI with the http scheme, or on making a request to a server which responds with a...

7.5CVSS7.6AI score0.0182EPSS
Exploits0References5
CVE
CVE
added 2022/06/09 12:0 a.m.142 views

CVE-2022-31042

Guzzle CVE-2022-31042 affects the handling of Cookie headers during redirects (https→http or host changes). The issue was fixed by stripping cookies on redirects and re-adding only safe cookies via the cookie middleware. Affected versions require upgrades: Guzzle 7 should move to 7.4.4 or later, ...

7.5CVSS7.6AI score0.0182EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder