8 matches found
GHSA-MF92-479X-3373 Spring Security HTTP Headers Are not Written Under Some Conditions
When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written. This issue affects Spring Security: from 5.7.0 through 5.7.21, from 5.8.0 through 5.8.23, from 6.3.0 through 6.3.14, from 6.4.0...
CVE-2026-22732
When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written. This issue affects Spring Security Servlet applications using lazy default writing of HTTP Headers: : from 5.7.0 through 5.7.21, from...
SUSE CVE-2026-25797
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...
CVE-2026-1299
The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email foldin...
undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer
An information leak vulnerability was found in Undertow. If all headers are not written out in the first write call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests...
undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer
An information leak vulnerability was found in Undertow. If all headers are not written out in the first write call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests...
PT-2019-5891 · Unknown +2 · Libsndfile +2
Name of the Vulnerable Software and Affected Versions: Libsndfile affected versions not specified Description: The issue is related to a read beyond the limits of a buffer in the wav write header function in wav.c. This can be exploited by a local attacker to make the application crash, resulting...
CVE-2018-14642
An information leak vulnerability was found in Undertow. If all headers are not written out in the first write call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests...