31 matches found
Pallets Werkzeug 环境问题漏洞
Pallets Werkzeug is a WSGI web application library. An environmental issue vulnerability exists in Pallets Werkzeug version 2.1.0 and prior versions that stems from incorrectly parsing HTTP requests. An attacker could use this vulnerability to perform HTTP request smuggling via a specially crafte...
mitmproxy环境问题漏洞
mitmproxy is an interactive, SSL/TLS-enabled interceptor proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. An environment issue vulnerability exists in mitmproxy 7.0.2 and prior versions, where a malicious client/server can smuggle a request/response through mitmproxy as part of...
Apache Traffic Server Environment Issue Vulnerability (CNVD-2021-70101)
An environmental issue vulnerability exists in Apache Traffic Server ATS, a set of scalable HTTP proxy and caching servers from the Apache Foundation, which stems from a failure to properly handle URL data segments. An attacker could exploit this vulnerability to affect the cache of the target...
Unspecified Vulnerability in JerryScript (CNVD-2021-43002)
JerryScript is a lightweight JavaScript engine . An unspecified vulnerability exists in ecmaislexicalenvironment in ecma-helpers.c in JerryScript version 2.4.0. No detailed vulnerability details are provided at this time...
Netty 环境问题漏洞
Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. Netty suffers from an environment issue vulnerability which leads to request smuggling...
Lightbeed Akka Akka-http Environment Issue Vulnerability
Lightbeed Akka Akka-http is a toolkit from the Lightbeed community in China. It provides a more generalized toolkit for providing and using HTTP-based services. An environment issue vulnerability exists in com.typesafe.akka:akka-http-core that allows multiple Transfer-Encoding headers...
Red Hat Undertow Environment Issues Vulnerabilities
Red Hat Undertow is a U.S. Red Hat Red Hat, a Java-based embedded Web server, is the default Web server Wildfly Java application server. An environment issue vulnerability exists in versions prior to Red Hat Undertow 2.1.1.Final. An attacker could exploit this vulnerability to cause HTTP requests...
OpenResty Environment Issues Vulnerabilities
OpenResty is China's Ou Rui software development OpenResty company's a Web application server based on Nginx and Lua . An environment issue vulnerability exists in the ngxhttpluasubrequest.c file in OpenResty versions prior to 1.15.8.4. The vulnerability stems from an unreasonable environmental...
Google Go Environmental Issues Vulnerability
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. An environment issue vulnerability exists in Google Go versions prior to 1.12.10 and 1.13.x prior to 1.13.1, which can be exploited by an attacker to bypass filters or perform a...
Updated mythtv packages fix security issues
This update provides and update to mythtv 30, and updates the bundled ffmpeg to 3.2. It also fixes at least the following issue: The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failure CVE-2018-15822. It...
June 11, 2019—KB4503293 (OS Build 18362.175)
None None...