Lucene search
K

4 matches found

OSV
OSV
added 2026/06/17 6:13 p.m.5 views

GHSA-MX8G-39Q3-5C79 webpack-dev-server vulnerable to HMR WebSocket interception via permissive user proxies

Impact When a user-configured proxy on webpack-dev-server has a broad context e.g. / and ws: true, it also intercepts the dev server's own HMR WebSocket and forwards it to the proxy target. This leaks the browser's cookies and Origin header to the backend, bypasses the dev server's Host/Origin...

5.3CVSS5.4AI score0.00163EPSS
Exploits0References7
Snyk
Snyk
added 2026/06/15 5:39 p.m.9 views

Unintended Proxy or Intermediary ('Confused Deputy')

Overview webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via permissive user proxy configurations that inclu...

7.1CVSS5.9AI score0.00163EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.3 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2025-2481)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.CVE-2025-4673 If...

7CVSS6.5AI score0.0056EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/29 4:12 p.m.34 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilties with an update. Vulnerability Details CVEID:CVE-2025-4673 DESCRIPTION: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVSS Source: CISA A...

9.1CVSS8.1AI score0.73495EPSS
Exploits7Affected Software1
Rows per page
Query Builder