87 matches found
CVE-2026-40594
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted prox...
Astra Linux – Vulnerability in Tomcat9
When using RemoteIpFilter with requests received from a reverse proxy via HTTP that includes the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71, and 8.5.0 to 8.5.85 did not include the secure...
CVE-2026-40594
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted prox...
CVE-2026-40594 pyLoad: Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted prox...
CVE-2026-40594
CVE-2026-40594 affects pyLoad: the set_session_cookie_secure before_request in pyload/webui/app/init .py reads X-Forwarded-Proto without origin validation and mutates the global Flask SESSION_COOKIE_SECURE on every request. With Cheroot’s multi-threaded server (request_queue_size=512), this creat...
CVE-2026-40594 pyLoad: Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted prox...
GHSA-MP82-FMJ6-F22V pyLoad has a Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)
Summary The setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted proxy, then mutates the global Flask configuration SESSIONCOOKIESECURE on every request...
Origin Validation Error
Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Origin Validation Error via the setsessioncookiesecure function. An attacker can cause session cookies to be issued without the Secure flag or disrupt user...
SUSE CVE-2026-33495
ORY Oathkeeper is an Identity & Access Proxy IAP and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Ory Oathkeeper is often deployed behind other components like CDNs, WAFs, or reverse proxies. Depending on the setup, another component might forward the...
CVE-2026-33495
ORY Oathkeeper is an Identity & Access Proxy IAP and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Ory Oathkeeper is often deployed behind other components like CDNs, WAFs, or reverse proxies. Depending on the setup, another component might forward the...
CVE-2026-33495
ORY Oathkeeper is an Identity & Access Proxy IAP and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Ory Oathkeeper is often deployed behind other components like CDNs, WAFs, or reverse proxies. Depending on the setup, another component might forward the...
CVE-2026-33495 Ory Oathkeeper has an authentication bypass by usage of untrusted header
ORY Oathkeeper is an Identity & Access Proxy IAP and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Ory Oathkeeper is often deployed behind other components like CDNs, WAFs, or reverse proxies. Depending on the setup, another component might forward the...
CVE-2026-33495
ORY Oathkeeper is an Identity & Access Proxy IAP and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Ory Oathkeeper is often deployed behind other components like CDNs, WAFs, or reverse proxies. Depending on the setup, another component might forward the...
Ory Oathkeeper 安全漏洞
Ory Oathkeeper is an access control decision-making software developed by Ory OpenSource. Versions of Ory Oathkeeper prior to 26.2.0 contained security vulnerabilities. These vulnerabilities stemmed from incorrect configuration settings, where the header X-Forwarded-Proto was trusted indefinitely...
fastify: request.protocol and request.host Spoofable via X-Forwarded-Proto/Host from Untrusted Connections
Summary When trustProxy is configured with a restrictive trust function e.g., a specific IP like trustProxy: '10.0.0.1', a subnet, a hop count, or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection — including...
CVE-2026-3635
A flaw was found in fastify. When the trustProxy option is configured with a restrictive trust function, such as a specific IP, a subnet, a hop count or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection,...
Use of Less Trusted Source
Overview fastify is an overhead web framework, for Node.js. Affected versions of this package are vulnerable to Use of Less Trusted Source in the request.protocol and request.host getters. An attacker can manipulate the perceived protocol and host by sending crafted X-Forwarded-Proto and...
CVE-2026-3635
CVE-2026-3635 : In Fastify (affected: fastify
GHSA-VHR5-GGP3-QQ85 Ory Oathkeeper has an authentication bypass by usage of untrusted header
Description Ory Oathkeeper is often deployed behind other components like CDNs, WAFs, or reverse proxies. Depending on the setup, another component might forward the request to the Oathkeeper proxy with a different protocol http vs. https than the original request. In order to properly match the...
CLEANSTART-2026-RH10099 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11
Multiple security vulnerabilities affect the tomcat9 package. When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11. See references for individual vulnerability details...