6 matches found
PT-2025-48180
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that under specific conditions could have allowed an unauthenticated user to join arbitrary organizations by changing headers on some requests...
on-headers security vulnerability
on-headers is a jshttp open source application. A security vulnerability exists in on-headers version 1.1.0, which stems from the possibility of unintentional modification of the response header when passing an array to response.writeHead...
PT-2024-21042 · H2O +1
Name of the Vulnerable Software and Affected Versions: h2o versions prior to the version containing commit 123f5e2b65dcdba8f7ef659a00d24bd1249141be
Description: h2o is an HTTP server with support for HTTP/1.x, HTTP/2, and HTTP/3. The configuration directives provided by the headers handler allow...
SUSE-SU-2021:1807-1 Security update for python-httplib2
This update for python-httplib2 contains the following fixes:
Security fixes included in this update:
- CVE-2021-21240: Fixed a regular expression denial of service via malicious header bsc1182053.
- CVE-2020-11078: Fixed an issue where an attacker could change request headers and body bsc1171998...
PYSEC-2020-46
In httplib2 before version 0.18.0, an attacker controlling an unescaped part of the uri for httplib2.Http.request could change request headers and body, and send additional hidden requests to the same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as...
CVE-2007-6504
Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the headers of arbitrary hosts via an unspecified parameter...