PT-2026-42674

Summary The request-filtering-agent SSRF protection was non-functional in the four notification webhook plugins Slack, Discord, Mattermost, Teams because httpAgent / httpsAgent were passed as part of the request body rather than the axios config. An authenticated user with hook-creation permissio...

Moderate: Red Hat Security Advisory: rh-maven36-httpcomponents-client security update

An update for rh-maven36-httpcomponents-client is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Debian DSA-4772-1 : httpcomponents-client - security update

Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent implementation, could misinterpret malformed authority component in a request URI and pick the wrong target host for request execution. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

[SECURITY] Fedora 21 Update: 389-admin-1.1.38-1.fc21

389 Administration Server is an HTTP agent that provides management features for 389 Directory Server. It provides some management web apps that can be used through a web browser. It provides the authentication, access cont rol, and CGI utilities used by the console...

[SECURITY] Fedora 19 Update: httpcomponents-client-4.2.5-4.fc19

HttpClient is a HTTP/1.1 compliant HTTP agent implementation based on httpcomponents HttpCore. It also provides reusable components for client-side authentication, HTTP state management, and HTTP connection management. HttpComponents Client is a successor of and replacement for Commons HttpClient...

Important: Red Hat Security Advisory: thermostat1-httpcomponents-client security update

Updated thermostat1-httpcomponents-client packages that fix one security issue are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

DVR Infected with Bitcoin Mining Malware

Johannes Ullrich of the SANS Institute claims to have found malware infecting digital video recorders DVR predominately used to record footage captured by surveillance camera systems. Oddly enough, Ullrich claims that one of the two binaries of malware implicated in this attack scheme appears to ...

Fedora Update for nodejs-forever-agent FEDORA-2013-11780

Check for the Version of nodejs-forever-agent OpenVAS Vulnerability Test Fedora Update for nodejs-forever-agent FEDORA-2013-11780 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

[SECURITY] Fedora 18 Update: nodejs-forever-agent-0.5.0-1.fc18

HTTP Agent that keeps socket connections alive between keep-alive requests...

Fedora Update for fedora-ds-admin FEDORA-2008-3214

Check for the Version of fedora-ds-admin OpenVAS Vulnerability Test Fedora Update for fedora-ds-admin FEDORA-2008-3214 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...