Lucene search
K

16 matches found

NVD
NVD
added 2026/06/22 6:16 p.m.11 views

CVE-2026-46417

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how...

8.8CVSS0.00221EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/15 8:11 p.m.13 views

aiohttp: TLS Server Hostname Override Is Ignored When Reusing HTTPS Connections

Summary The serverhostname TLS SNI check can be bypassed when an existing connection is reused. Impact If an application makes multiple requests to the same domain, but with different per-request serverhostname parameters, then the later calls may succeed by reusing the existing connection when...

7.5CVSS5.3AI score0.00266EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : rsyslog-5.8.10-2.AXS4 (AXSA:2012-586:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-586:02 advisory. Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine...

2.1CVSS5.8AI score0.0042EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/21 9:29 a.m.6 views

webob: WebOb's location header normalization during redirect leads to open redirect

A vulnerability was found in the WebOb package. WebOb normalizes the HTTP Location header using urlparse and urljoin. If the URL starts with //, urlparse treats the following part as the hostname, and replaces the original request's hostname. This issue, combined with user interaction, may become...

6.1CVSS5.7AI score0.00497EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/10/16 8:30 p.m.4 views

webob: WebOb's location header normalization during redirect leads to open redirect

A vulnerability was found in the WebOb package. WebOb normalizes the HTTP Location header using urlparse and urljoin. If the URL starts with //, urlparse treats the following part as the hostname, and replaces the original request's hostname. This issue, combined with user interaction, may become...

6.1CVSS5.7AI score0.00497EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/10/02 6:8 a.m.4 views

webob: WebOb's location header normalization during redirect leads to open redirect

A vulnerability was found in the WebOb package. WebOb normalizes the HTTP Location header using urlparse and urljoin. If the URL starts with //, urlparse treats the following part as the hostname, and replaces the original request's hostname. This issue, combined with user interaction, may become...

6.1CVSS5.7AI score0.00497EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/09/19 11:50 a.m.6 views

webob: WebOb's location header normalization during redirect leads to open redirect

A vulnerability was found in the WebOb package. WebOb normalizes the HTTP Location header using urlparse and urljoin. If the URL starts with //, urlparse treats the following part as the hostname, and replaces the original request's hostname. This issue, combined with user interaction, may become...

6.1CVSS5.7AI score0.00497EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2024/08/17 1:47 a.m.5 views

SUSE CVE-2024-42353

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treats a // at the...

6.1CVSS6.9AI score0.00497EPSS
Exploits1References7
OSV
OSV
added 2024/08/14 9:15 p.m.7 views

AZL-47826 CVE-2024-42353 affecting package python-webob for versions less than 1.8.8-1

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treats a // at the...

6.1CVSS5.7AI score0.00497EPSS
Exploits1References1
OSV
OSV
added 2024/08/14 9:15 p.m.6 views

AZL-47820 CVE-2024-42353 affecting package python-webob for versions less than 1.8.8-1

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treats a // at the...

6.1CVSS5.7AI score0.00497EPSS
Exploits1References1
OSV
OSV
added 2024/08/14 9:15 p.m.4 views

PYSEC-2024-188

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treats a // at the...

6.1CVSS5.9AI score0.00497EPSS
Exploits1References2
OSV
OSV
added 2024/08/14 9:15 p.m.10 views

UBUNTU-CVE-2024-42353

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treats a // at the...

6.1CVSS6.4AI score0.00497EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.22 views

CentOS Update for rsyslog CESA-2012:0796 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

2.1CVSS5.2AI score0.0042EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/06/22 12:0 a.m.28 views

RedHat Update for rsyslog RHSA-2012:0796-04

Check for the Version of rsyslog OpenVAS Vulnerability Test RedHat Update for rsyslog RHSA-2012:0796-04 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

2.1CVSS6.4AI score0.0042EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/06/20 12:0 a.m.27 views

RHEL 6 : rsyslog (RHSA-2012:0796)

Updated rsyslog packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

2.1CVSS6.3AI score0.0042EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2012/06/19 3:22 p.m.39 views

Moderate: Red Hat Security Advisory: rsyslog security, bug fix, and enhancement update

Updated rsyslog packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

2.1CVSS6.3AI score0.0042EPSS
Exploits0References8
Rows per page
Query Builder