Lucene search
K

5 matches found

CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Plack::Middleware::Security::Common 安全漏洞

Plack::Middleware::Security::Common is a Perl web application security header middleware developed by RRWO’s individual developers. Versions of Plack::Middleware::Security::Common prior to 0.13.1 contained security vulnerabilities. These vulnerabilities stemmed from ineffective header injection...

7.3CVSS5.8AI score0.00226EPSS
Exploits0References2
Imperva Blog
Imperva Blog
added 2025/03/14 5:16 p.m.25 views

Imperva Protects Against the Apache Camel Vulnerabilities

Introduction: Understanding the Apache Camel Flaw On March 9, 2025, Apache released a security advisory for CVE-2025-27636, a vulnerability in the Apache Camel framework that allows attackers to bypass header filtering via miscased headers. Although rated as moderate, this vulnerability...

5.6CVSS5.7AI score0.79817EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2021/05/18 2:6 p.m.6 views

resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class

A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...

7.5CVSS5.7AI score0.02023EPSS
Exploits0References4
Veracode
Veracode
added 2020/04/10 1:7 a.m.29 views

Insecure HTTP Headers

firefox is vulnerable to insecure HTTP headers. The vulnerability exists as a flaw was found in the way Firefox handled pages with multiple Content Security Policy CSP headers. This could lead to a cross-site scripting attack if used in conjunction with a website that has a header injection flaw...

4.3CVSS0.02459EPSS
Exploits0References29Affected Software3
OSV
OSV
added 2016/10/26 1:22 p.m.9 views

SUSE-SU-2016:2653-1 Security update for python3

This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTPPROXY environment variable based on user supplied Proxy request header. bsc989523 - CVE-2016-0772: A...

10CVSS7.2AI score0.2548EPSS
Exploits7References12
Rows per page
Query Builder