Lucene search
K

67 matches found

RedHat Linux
RedHat Linux
added 2024/09/09 1:48 a.m.6 views

httpd: Security issues via backend applications whose response headers are malicious or exploitable

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...

9.8CVSS7.1AI score0.41611EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/09 1:33 a.m.5 views

httpd: Security issues via backend applications whose response headers are malicious or exploitable

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...

9.8CVSS7.1AI score0.41611EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/03 1:55 a.m.6 views

httpd: Security issues via backend applications whose response headers are malicious or exploitable

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...

9.8CVSS7.1AI score0.41611EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/26 8:9 a.m.5 views

httpd: Security issues via backend applications whose response headers are malicious or exploitable

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...

9.8CVSS7.1AI score0.41611EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/26 7:39 a.m.3 views

httpd: Security issues via backend applications whose response headers are malicious or exploitable

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...

9.8CVSS7.1AI score0.41611EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/12 2:39 a.m.12 views

httpd: Security issues via backend applications whose response headers are malicious or exploitable

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...

9.8CVSS7.1AI score0.41611EPSS
Exploits0References5
Veracode
Veracode
added 2024/07/09 6:7 a.m.31 views

Server Side Request Forgery (SSRF)

Apache HTTP Server 2.4.59 is vulnerable to SSRF. The vulnerability is due to a missing validation in response headers leading to information disclosure, SSRF or local script execution via backend applications which have malicious or exploitable header...

9.8CVSS6.2AI score0.41611EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/07/03 7:16 a.m.42 views

BIT-APACHE-2024-38476 Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

9.8CVSS8.6AI score0.41611EPSS
Exploits0References5
Hacker One
Hacker One
added 2024/07/03 7:9 a.m.73 views

Internet Bug Bounty: important: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (CVE-2024-38476)

The Apache HTTP Server vulnerability CVE-2024-38476 was discovered in versions 2.4.0 through 2.4.59. The vulnerability allowed the use of exploitable or malicious backend application output to run local handlers via internal redirect. Users were recommended to upgrade to version 2.4.60, which fix...

9.8CVSS8.6AI score0.41611EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/07/02 5:32 p.m.263 views

CVE-2024-38476

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution. Mitigation Red Hat has investigated whether a possible mitigation exists for this issue, and has not be...

9.1CVSS8.8AI score0.41611EPSS
Exploits0References4
NVD
NVD
added 2024/07/01 7:15 p.m.149 views

CVE-2024-38476

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

9.8CVSS0.41611EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/07/01 7:15 p.m.92 views

CVE-2024-38476

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

9.8CVSS6.9AI score0.41611EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/07/01 6:15 p.m.144 views

CVE-2024-38476 Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

6.4AI score0.41611EPSS
Exploits0References2
OSV
OSV
added 2024/07/01 6:15 p.m.92 views

CVE-2024-38476 Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

9.8CVSS6.2AI score0.41611EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/07/01 6:15 p.m.51 views

CVE-2024-38476

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

9.8CVSS7.1AI score0.41611EPSS
Exploits0
CVE
CVE
added 2024/07/01 6:15 p.m.9492 views

CVE-2024-38476

CVE-2024-38476 concerns Apache HTTP Server 2.4.59 and earlier where backend applications emitting malicious or exploitable response headers can lead to information disclosure, SSRF, or local script execution via internal redirects. The connected advisories confirm the issue affects httpd/core beh...

9.8CVSS6.2AI score0.41611EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/07/01 6:15 p.m.184 views

CVE-2024-38476 Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

0.41611EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2024/07/01 6:15 p.m.47 views

CVE-2024-38476

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

9.8CVSS6.6AI score0.41611EPSS
Exploits0
CNNVD
CNNVD
added 2023/07/28 12:0 a.m.6 views

3s-smart Software Solutions CODESYS Development System 安全漏洞

3s-smart Software Solutions CODESYS Development System is a suite of programming tools for use in the field of industrial controllers and automation technology from 3s-smart Software Solutions, Germany. A security vulnerability exists in the CODESYS Development System that stems from an insecure...

7.3CVSS7.3AI score0.00196EPSS
Exploits0References2
OSV
OSV
added 2021/06/25 9:15 p.m.4 views

CVE-2021-25654

An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services...

7.8CVSS6.3AI score0.00778EPSS
Exploits0References1
Rows per page
Query Builder