5 matches found
PT-2026-2133
Name of the Vulnerable Software and Affected Versions CryptoLib versions prior to 1.4.3 Description CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft and a ground station. Before versi...
Ping Identity PingFederate 安全漏洞
Ping Identity PingFederate is a flagship software-based federation server from US-based Ping Identity, Inc. for identity management. A security vulnerability exists in Ping Identity PingFederate that stems from mishandling of non-200 HTTP responses, which could lead to thread exhaustion...
ROS-20221108-21
The cURL command line utility vulnerability is related to a boundary error when processing non-200 HTTP responses proxies for the following schemes: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, telnet. Exploitation vulnerability could allow an attacker acting remotely to cause a bug by forcin...
Databasir 代码问题漏洞
Databasir is a team-oriented document management platform for relational database models. A code issue vulnerability exists in Databasir versions prior to 1.0.7 that stems from a server-side request forgery SSRF vulnerability by providing a jdbcDriverFileUrl that returns a non-200 response code,...
Firefox SSL tampering via non-200 responses to proxy CONNECT requests
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying...