RHCOS : OpenShift Container Platform 4.8.25 (RHSA-2021:5208)

The remote Red Hat Enterprise Linux CoreOS host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5208 advisory. - haproxy: does not ensure that the scheme and path portions of a URI have the expected characters CVE-2021-39240 - haproxy: an HTTP...

Authentication Bypass

Apache Tomcat is vulnerable to Authentication Bypass. The vulnerability is due to improper validation between the TLS SNI hostname and the HTTP Host header, allowing a client to send mismatched hostnames and bypass client certificate authentication in configurations with multiple virtual hosts...

SUSE CVE-2025-66614

Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL...

Apache Tomcat - Client certificate verification bypass

Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL...

CVE-2025-66614

Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL...

CVE-2025-66614

Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL...

CVE-2025-66614 Apache Tomcat: Client certificate verification bypass due to virtual host mapping

Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL...

Medium: haproxy2

Issue Overview: A flaw was found in haproxy. An input validation flaw when processing HTTP/2 requests causes haproxy to not ensure that the scheme and path portions of a URI have the expected characters. This may cause specially crafted input to bypass implemented security restrictions. The highe...

CVE-2022-39348

Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and scri...

Twisted 跨站脚本漏洞

Twisted is an event-driven open source web engine written in Python. A security vulnerability exists in Twisted versions 0.9.4 through 22.10.0rc1, which stems from the fact that when the host header does not match the configured host, "twisted.web.vhost. "NoResource" resource that unescapes the...

OESA-2021-1333 haproxy security update

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: An issue was...