2483 matches found
Photos and Files Contest Gallery – Contact Form < 21.2.8.1 - Unauthenticated Stored XSS via HTTP Headers
Description The plugin does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks via certain headers. PoC 1. Use a proxy such as BurpSuite to add the following header to all requests: X-Forwarded-For: 11.11.11.11 2. Create a...
Important: curl
Issue Overview: HTTP headers eat all memory NOTE: https://www.openwall.com/lists/oss-security/2023/09/13/1 NOTE: https://curl.se/docs/CVE-2023-38039.html NOTE: Introduced by: https://github.com/curl/curl/commit/7c8c723682d524ac9580b9ca3b71419163cb5660 curl-7830 NOTE: Experimental tag removed in:...
`Cookie` HTTP header isn't stripped on cross-origin redirects
urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a Cookie header and unknowingly leak information via HTTP redirects to a different origin if that user...
K000137090: Node.js vulnerabilities CVE-2018-12121, CVE-2018-12122, and CVE-2018-12123
Security Advisory Description CVE-2018-12121 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the...
[SECURITY] [DSA 5507-1] jetty9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5507-1 [email protected] https://www.debian.org/security/ Markus Koschany September 28, 2023 https://www.debian.org/security/faq -...
CVE-2023-41834
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Flink Stateful Functions 3.1.0, 3.1.1 and 3.2.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted HTTP requests. Attackers could potentially inject malicious content...
CVE-2023-41834
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Flink Stateful Functions 3.1.0, 3.1.1 and 3.2.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted HTTP requests. Attackers could potentially inject malicious content...
Crlf injection
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Flink Stateful Functions 3.1.0, 3.1.1 and 3.2.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted HTTP requests. Attackers could potentially inject malicious content...
CVE-2023-41834
CVE-2023-41834 affects Apache Flink Stateful Functions. The issue is an improper neutralization of CRLF sequences in HTTP headers, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting in versions 3.1.0, 3.1.1 and 3.2.0. Potential consequence: injected con...
Hackerone: CVE-2023-38039 HTTP headers eat all memory
...
PT-2023-28114 · Apache · Apache Flink Stateful Functions
Name of the Vulnerable Software and Affected Versions: Apache Flink Stateful Functions versions 3.1.0 through 3.2.0 Description: The issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted HTTP requests. Attackers could potentially...
FreeBSD : curl -- HTTP headers eat all memory (833b469b-5247-11ee-9667-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 833b469b-5247-11ee-9667-080027f5fec9 advisory. - When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed lat...
CVE-2023-38039
When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of header...
curl security vulnerability
Curl is a tool used to transfer data from or to a server. A security vulnerability exists in curl that stems from not limiting the number or size of http headers, allowing a malicious server to ultimately cause curl to exhaust heap memory by transmitting sequence headers...
CVE-2023-4958
In Red Hat Advanced Cluster Security RHACS, it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page, that deceptivel...
[slackware-security] curl
New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.3.0-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: HTTP headers eat all memory...
CURL-CVE-2023-38039 HTTP headers eat all memory
When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit on the size or quantity of headers it would accept in a response, allowing a malicious server to stream an endless series of...
CVE-2023-34041 CVE-2023-34041-Abuse of HTTP Hop-by-Hop Headers in Cloud Foundry Gorouter
Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations...
Exploit for Code Injection in Citrix Netscaler_Application_Delivery_Controller
cve-2023-3519-citrix-scanner This script is a basic Citrix Sc...
InterPhoto 2.3.0 Shell Upload
==================================================================================================================================== | Title : InterPhoto 2.3.0 Persians Remote Shell Upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...