Security Bulletin: IBM Cloud Pak For Security vulnerable to potential information disclosure through HTTP headers (CVE-2020-4967)
Summary: IBM Cloud Pak for Security 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. Response headers include information that provide an attacker with clues that can be used to focus attacks for better results. This has...
CVE-2020-4967
IBM Cloud Pak for Security CP4S 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. IBM X-Force ID: 192425...
CVE-2020-14359
A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers via cURL an attacker can bypass our Gatekeeper. Lower case headers are also accepted by some webservers e.g. Jetty. This means there is no protection when we put a Gatekeeper in front of a Jet...
CVE-2021-22132
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
Information disclosure
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
CVE-2021-22132
Elasticsearch 7.7.0–7.10.1 exposes an information-disclosure flaw in the async search API: executed async searches cause HTTP headers to be stored, potentially allowing a user who can read the .tasks index to obtain other users’ sensitive request headers. The issue is fixed in Elasticsearch 7.10....
SAP Commerce Cloud Input Validation Error Vulnerability
SAP Commerce Cloud is an e-commerce cloud platform from SAP Germany. The platform provides enterprise-level e-commerce business support. SAP Commerce Cloud versions 1808, 1811, 1905, 2005, and 2011 suffer from an Input Validation Error vulnerability, which is caused by an authenticated attacker...
The vulnerability of the Node.js software platform is related to an error in handling HTTP headers. This error allows attackers to gain access to protected information or enhance their privileges.
The vulnerability of the Node.js software platform is related to an error in handling HTTP header names. Exploiting this vulnerability can allow a remote attacker to gain access to protected information or enhance their privileges...
CRLF Injection
wget is vulnerable to CRLF injection. The urlparse function in url.c allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL...
Logitech: CSRF in changing users donation_settings [https://streamlabs.com/api/v6/viewer-portal/viewer-settings/donation_settings]
Hey there, I have found that the api/v6/viewer-portal/viewer-settings/donationsettings endpoint is vulnerable to csrf attack, which allows an attacker to update victim's donationsettings like username,amount...
Debian DLA-2460-1 : golang-1.8 security update
Three issues have been found in golang-1.8, a Go programming language compiler version 1.8 CVE-2020-15586 Using the 100-continue in HTTP headers received by a net/http/Server can lead to a data race involving the connection's buffered writer. CVE-2020-16845 Certain invalid inputs to ReadUvarint o...
Debian DLA-2459-1 : golang-1.7 security update
Two issues have been found in golang-1.7, a Go programming language compiler version 1.7 CVE-2020-15586 Using the 100-continue in HTTP headers received by a net/http/Server can lead to a data race involving the connection's buffered writer. CVE-2020-16845 Certain invalid inputs to ReadUvarint or...
Debian: Security Advisory (DLA-2459-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
[SECURITY] [DLA 2460-1] golang-1.8 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2460-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 21, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2459-1] golang-1.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2459-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 21, 2020 https://wiki.debian.org/LTS -...
CVE-2020-12145
Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+ uses HTTP headers to authenticate REST API calls from localhost. This makes it possible to log in to Orchestrator by introducing an HTTP HOST header set to 127.0.0.1 or localhost. Orchestrator instances that are hosted ...
Design/Logic Flaw
Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+ uses HTTP headers to authenticate REST API calls from localhost. This makes it possible to log in to Orchestrator by introducing an HTTP HOST header set to 127.0.0.1 or localhost. Orchestrator instances that are hosted ...
CVE-2020-12145 Silver Peak Unity Orchestrator™ authentication can be subverted through manipulation of HTTP headers.
Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+ uses HTTP headers to authenticate REST API calls from localhost. This makes it possible to log in to Orchestrator by introducing an HTTP HOST header set to 127.0.0.1 or localhost. Orchestrator instances that are hosted ...