
149 matches found

CNVD
added 2025/06/27 12:0 a.m. · 2 views

Apache Traffic Server Access Control Error Vulnerability

Apache Traffic Server (ATS) is a scalable HTTP proxy and caching server from the Apache Foundation in the United States. An access control error vulnerability exists in Apache Traffic Server (ATS) versions 10.0.0 through 10.0.6 and 9.0.0 through 9.2.10, which stems from an ACL configuration that do...

7.5 CVSS · 6.9 AI score · 0.00753 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/06/19 2:20 p.m. · 2 views

CVE-2025-31698

A flaw was found in trafficserver. Access control lists (ACLs) configured within ip_allow.config or remap.config incorrectly utilize IP addresses, failing to account for those provided by the PROXY protocol. This can allow an attacker to bypass intended access restrictions by manipulating the source...

7.5 CVSS · 7.3 AI score · 0.00753 EPSS
Exploits 0 · References 4

OSV
added 2025/06/19 10:15 a.m. · 2 views

DEBIAN-CVE-2025-31698

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...

7.5 CVSS · 5.2 AI score · 0.00753 EPSS
Exploits 0 · References 1

OSV
added 2025/06/19 10:15 a.m. · 3 views

CVE-2025-31698

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...

7.5 CVSS · 7.1 AI score
Exploits 0 · References 1

NVD
added 2025/06/19 10:15 a.m. · 2 views

CVE-2025-31698

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...

7.5 CVSS · 0.00753 EPSS
Exploits 0 · References 1

OSV
added 2025/06/19 10:15 a.m. · 0 views

UBUNTU-CVE-2025-31698

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...

7.5 CVSS · 5.8 AI score · 0.00753 EPSS
Exploits 0 · References 5

Cvelist
added 2025/06/19 10:7 a.m. · 7 views

CVE-2025-31698 Apache Traffic Server: Client IP address from PROXY protocol is not used for ACL

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...

0.00753 EPSS
Exploits 0 · References 1

Debian CVE
added 2025/06/19 10:7 a.m. · 14 views

CVE-2025-31698

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...

7.5 CVSS · 5.2 AI score · 0.00753 EPSS
Exploits 0

CVE
added 2025/06/19 10:7 a.m. · 38 views

CVE-2025-31698

Summary: CVE-2025-31698 affects Apache Traffic Server (ATS). The ACLs configured in ip_allow.config or remap.config may use IP addresses not provided by the PROXY protocol when ATS is configured to accept PROXY, exposing confidentiality. Affected ranges include 10.0.0–10.0.6 and 9.0.0–9.2.10. Ro...

7.5 CVSS · 6.5 AI score · 0.00753 EPSS
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2025/06/19 10:7 a.m. · 2 views

CVE-2025-31698 Apache Traffic Server: Client IP address from PROXY protocol is not used for ACL

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...

7.2 AI score · 0.00753 EPSS
Exploits 0 · References 1

CNNVD
added 2025/06/19 12:0 a.m. · 1 views

Apache Traffic Server (ATS) Access Control Error Vulnerability

Apache Traffic Server (ATS) is a scalable HTTP proxy and caching server from the Apache Foundation in the United States. An access control error vulnerability exists in Apache Traffic Server (ATS) versions 10.0.0 through 10.0.6 and 9.0.0 through 9.2.10, which stems from an ACL configuration that do...

7.5 CVSS · 6.7 AI score · 0.00753 EPSS
Exploits 0 · References 3

RedhatCVE
added 2025/05/23 7:12 a.m. · 12 views

CVE-2024-35175

sshpiper is a reverse proxy for sshd. Starting in version 1.0.50 and prior to version 1.3.0, the way the proxy protocol listener is implemented in sshpiper can allow an attacker to forge their connecting address. Commit 2ddd69876a1e1119059debc59fe869cb4e754430 added the proxy protocol listener as...

5.3 CVSS · 5.2 AI score · 0.0012 EPSS
Exploits 0 · References 1

Veracode
added 2025/04/10 4:39 a.m. · 7 views

IP Address Spoofing

github.com/phires/go-guerrilla is vulnerable to IP address spoofing. The vulnerability is due to improper enforcement of the PROXY protocol due to the server accepting multiple PROXY commands, allowing clients to override the original IP address...

5.3 CVSS · 6.6 AI score · 0.00081 EPSS
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2025-25771 · Apache +1 · Apache Traffic Server +1

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 9.0.0 through 9.2.10; Apache Traffic Server versions 10.0.0 through 10.0.6. Description: The issue arises when the ACL configured in ip_allow.config or remap.config does not utilize IP addresses provided by the...

7.8 CVSS · 6.3 AI score · 0.04008 EPSS
Exploits 0 · References 25

RedHat Linux
added 2024/12/12 8:0 p.m. · 40 views

undertow: Improper State Management in Proxy Protocol parsing causes information leakage

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the...

7.5 CVSS · 5.7 AI score · 0.10699 EPSS
Exploits 0 · References 4

BDU FSTEC
added 2024/11/14 12:0 a.m. · 1 views

The vulnerability of the Kerberos Key Distribution Center (KDC) Proxy Protocol implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Kerberos Key Distribution Center (KDC) Proxy Protocol implementation in Windows operating systems is related to numerical truncation errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS · 8.3 AI score · 0.02846 EPSS
Exploits 0 · References 4

RedHat Linux
added 2024/10/14 6:7 p.m. · 8 views

undertow: Improper State Management in Proxy Protocol parsing causes information leakage

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the...

7.5 CVSS · 5.7 AI score · 0.10699 EPSS
Exploits 0 · References 4

RedHat Linux
added 2024/10/07 12:49 p.m. · 30 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 Security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

7.5 CVSS · 7.1 AI score · 0.10699 EPSS
Exploits 0 · References 4

RedHat Linux
added 2024/10/07 12:49 p.m. · 9 views

undertow: Improper State Management in Proxy Protocol parsing causes information leakage

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the...

7.5 CVSS · 5.7 AI score · 0.10699 EPSS
Exploits 0 · References 4

RedHat Linux
added 2024/10/07 12:18 p.m. · 2 views

undertow: Improper State Management in Proxy Protocol parsing causes information leakage

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the...

7.5 CVSS · 5.7 AI score · 0.10699 EPSS
Exploits 0 · References 4