Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2021-1208

Malware in sbrugna...

5.3CVSS5.5AI score0.00819EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2021/05/10 3:18 p.m.6 views

cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.microservices:cloud-altemistafwk-core-microservices-gateway-conf (=3.1.0.RELEASE) +78 more potentially affected by CVE-2021-22113 via org.springframework.cloud:spring-cloud-netflix-zuul (>=2.0.0.RELEASE <=2.2.6.RELEASE)

org.springframework.cloud:spring-cloud-netflix-zuul MAVEN version =2.0.0.RELEASE, =B.0.0.1, =B.0.0.1, =B.0.0.1, =B.0.0.1, =B.0.0.1, =B.0.0.1, =B.0.0.1, =D.0.1.0-Beta-3 and more Source cves: CVE-2021-22113 Source advisory: OSV:GHSA-VWPG-F6GW-RJVFhttps://vulners.com/osv/OSV:GHSA-VWPG-F6GW-RJVF...

5.3CVSS6.4AI score0.00819EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2021/05/10 3:18 p.m.67 views

Incorrect Authorization in Spring Cloud Netflix Zuul

Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall...

5.3CVSS2.4AI score0.00819EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/03/09 6:49 p.m.139 views

Possible request smuggling in HTTP/2 due missing validation

Impact If a Content-Length header is present in the original HTTP/2 request, the field is not validated by Http2MultiplexHandler as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the...

5.9CVSS0.2AI score0.18891EPSS
Exploits0References93Affected Software3
CVE
CVE
added 2021/02/23 4:4 p.m.74 views

CVE-2021-22113

The CVE-2021-22113 entry concerns Spring Cloud Netflix Zuul 2.2.6.RELEASE and earlier, where the Sensitive Headers functionality can be bypassed by specially constructed URLs. The Red Hat and GN documents corroborate that Zuul’s handling of sensitive headers is vulnerable, potentially allowing an...

5.3CVSS5.2AI score0.00819EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder