4 matches found
Security Bulletin: A vulnerability has been identified in IBM DevOps Plan that allows a Host Header Injection attack due to improper handling of the Host header in HTTP requests. (CVE-2026-4096)
Summary A vulnerability has been identified in IBM DevOps Plan that allows a Host Header Injection attack due to improper handling of the Host header in HTTP requests. Version 3.0.7 addresses the vulnerability. Vulnerability Details CVEID:CVE-2026-4096 DESCRIPTION: IBM DevOps Plan is vulnerable t...
PT-2026-29601
Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.13.4 Description Insufficient restrictions in header/trailer handling could lead to uncapped memory usage. An application could experience memory exhaustion when processing attacker-controlled requests or responses....
CVE-2025-0154
IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers...
The vulnerability of the software for implementing the hypertext environment MediaWiki, related to the transmission of invalid headers in the API, allows a violator to gain unauthorized access to protected information.
The vulnerability of the software for implementing the hypertext environment MediaWiki is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...