
283 matches found

SUSE CVE
added 2023/02/15 5:25 a.m. | 3 views

SUSE CVE-2014-8639

Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session...

CVSS: 6.8 | AI score: 8.9 | EPSS: 0.01837
Exploits: 0 | References: 14
SUSE CVE
added 2023/02/15 5:22 a.m. | 2 views

SUSE CVE-2015-1229

net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response...

CVSS: 5 | AI score: 8.9 | EPSS: 0.00317
Exploits: 0 | References: 4
SUSE CVE
added 2023/02/15 5:9 a.m. | 1 views

SUSE CVE-2016-0755

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...

CVSS: 7.3 | AI score: 9.4 | EPSS: 0.00346
Exploits: 1 | References: 22
SUSE CVE
added 2023/02/15 5:1 a.m. | 2 views

SUSE CVE-2016-5133

Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream...

CVSS: 5.3 | AI score: 8.9 | EPSS: 0.00653
Exploits: 0 | References: 7
CNNVD
added 2022/11/15 12:0 a.m. | 3 views

Jenkins Plugin Reverse Proxy Auth Security Vulnerability

Jenkins and Jenkins Plugin are both open source Jenkins products. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.00872
Exploits: 0 | References: 6
CNNVD
added 2021/08/06 12:0 a.m. | 2 views

JetBrains TeamCity Authorization Issue Vulnerability

JetBrains TeamCity is a distributed build management and continuous integration tool from JetBrains, a Czech company. The tool provides continuous unit testing, code quality analysis, and build issue analysis reporting. An authorization issue vulnerability exists in versions prior to...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00003
Exploits: 0 | References: 1
Citrix
added 2021/07/29 12:0 a.m. | 5 views

FAQ: Citrix Secure Web and Proxy Support

This article answers the frequently asked questions on Secure Web and Web proxy support. For more information about Secure Web and proxy support, refer to Citrix Documentation - Citrix Secure Web. The support for PAC file in MDX application is removed as of September 2021. This means Citrix has...

AI score: 6.6
Exploits: 0
OpenVAS
added 2021/06/09 12:0 a.m. | 20 views

SUSE: Security Advisory (SUSE-SU-2013:0410-1)

The remote host is missing an update for the...

CVSS: 9.3 | AI score: 6.7 | EPSS: 0.02889
Exploits: 1 | References: 2
CNNVD
added 2021/02/25 12:0 a.m. | 4 views

CNCF Keylime Trust Management Issue Vulnerability

CNCF Keylime is a CNCF open source application. It provides a highly scalable solution for remote boot attestation and runtime integrity measurement. A trust management issue vulnerability existed prior to keylime version 5.8.1, which stemmed from a failed chain of trust ciphers for proxy...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.00104
Exploits: 0 | References: 5
Veracode
added 2021/01/12 5:0 a.m. | 12 views

Privilege Escalation

proxy.py is vulnerable to privilege escalation. The vulnerability exists because of a logic bug that allows bypass of the proxy authentication, which is able to set one of its operands to False to skip the challenge...

CVSS: 7.5 | AI score: 3 | EPSS: 0.00412
Exploits: 1 | References: 4 | Affected Software: 1
PyPA
added 2021/01/11 5:15 a.m. | 4 views

PYSEC-2021-46

before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or)...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.00412
Exploits: 1 | References: 4 | Affected Software: 1
BDU FSTEC
added 2020/05/29 12:0 a.m. | 1 views

The vulnerability of the Proxy-Authentication component of the Squid proxy server allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Proxy-Authentication component of the Squid proxy server is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

CVSS: 9.8 | AI score: 7 | EPSS: 0.54551
Exploits: 0 | References: 16 | Affected Software: 7
OpenVAS
added 2020/05/22 12:0 a.m. | 38 views

CentOS: Security Advisory for squid (CESA-2020:2040)

The remote host is missing an update for the...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.54551
Exploits: 0 | References: 2
Veracode
added 2020/05/07 2:1 a.m. | 27 views

Denial Of Service (DoS)

Squid is vulnerable to denial of service (DoS). Parsing of header Proxy-Authentication leads to memory corruption...

CVSS: 9.8 | AI score: 3.4 | EPSS: 0.54551
Exploits: 0 | References: 15 | Affected Software: 2
Tenable Nessus
added 2020/05/07 12:0 a.m. | 34 views

Scientific Linux Security Update : squid on SL7.x x86_64 (20200506)

Security Fixes:
- squid: improper check for new member in ESIExpression::Evaluate allows for stack-based buffer overflow (CVE-2019-12519)
- squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution (CVE-2020-11945)
- squid: parsing of header...

CVSS: 9.8 | AI score: 6.5 | EPSS: 0.54551
Exploits: 0 | References: 4
OpenVAS
added 2020/01/23 12:0 a.m. | 40 views

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2016-1080)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 9.6 | AI score: 7.2 | EPSS: 0.06252
Exploits: 0 | References: 2
Tenable Nessus
added 2019/11/06 12:0 a.m. | 25 views

Mozilla Firefox ESR < 31.4 Multiple Vulnerabilities

Binary data 701250.prm...

CVSS: 7.5 | AI score: 9.8 | EPSS: 0.83612
Exploits: 4 | References: 19
OSV
added 2019/07/11 7:15 p.m. | 1 views

ALPINE-CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...

CVSS: 5.9 | AI score: 6.9 | EPSS: 0.17466
Exploits: 0 | References: 1
OSV
added 2019/07/11 12:0 a.m. | 0 views

UBUNTU-CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...

CVSS: 5.9 | AI score: 6.5 | EPSS: 0.17466
Exploits: 0 | References: 5
Tenable Nessus
added 2019/07/08 12:0 a.m. | 33 views

RHEL 6 : spacewalk-backend and spacewalk-proxy (RHSA-2019:1663)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1663 advisory. Spacewalk is an Open Source systems management solution that provides system provisioning, configuration and patching capabilities. Security Fixes:...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.0715
Exploits: 0 | References: 4