Lucene search
K

5 matches found

OSV
OSV
•added 2024/10/28 4:45 p.m.•6 views

CLSA-2024-1730133909 Fix CVE(s): CVE-2023-27043

SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - CVE-2023-27043...

5.3CVSS6.8AI score0.02507EPSS
Exploits1References1
OSV
OSV
•added 2024/10/22 8:14 p.m.•5 views

CLSA-2024-1729628050 Fix CVE(s): CVE-2023-27043

SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - debian/patches/fix-urllib2-test.patch: Fix error in...

5.3CVSS6.8AI score0.02507EPSS
Exploits1References1
OSV
OSV
•added 2024/10/22 8:3 p.m.•5 views

CLSA-2024-1729627400 Fix CVE(s): CVE-2023-27043

SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - debian/patches/fix-urllib2-test.patch: Fix error in...

5.3CVSS6.8AI score0.02507EPSS
Exploits1References1
CNVD
CNVD
•added 2017/11/17 12:0 a.m.•16 views

private_address_check ruby gem security restriction bypass vulnerability

privateaddresscheck ruby gem is a Ruby-based checking tool for server-side request forgery attacks. A security restriction bypass vulnerability exists in the privateaddresscheck ruby gem prior to version 0.4.0, which stems from the program's use of Ruby's Resolv.getaddresses method. An attacker...

8.1CVSS6.8AI score0.02415EPSS
Exploits0References1
Hacker One
Hacker One
•added 2017/11/06 7:44 p.m.•20 views

Ruby: Resolv::getaddresses bug that can be abused to bypass security measures.

Description Resolv::getaddresses is OS-dependent, therefore by playing around with different IP formats one can return blank values. This bug can be abused to bypass exclusion lists often used to protect against SSRF. | šŸ’» Machine 1 | šŸ’» Machine 2 | |--------------|---------------| | ruby 2.3.3p222...

6.9AI score
Exploits0
Rows per page
Query Builder