Elastic APM agent for Python client CGI proxy redirection flaw

When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing...

GHSA-22JH-6GX8-F944 Elastic APM agent for Python client CGI proxy redirection flaw

When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing...

GHSA-GGMX-PQ89-7MCR Plaintext Storage of a Password in Jenkins Configuration as Code Plugin

Jenkins Configuration as Code Plugin prior to version 1.25 did not treat the proxy password as a secret to be masked when logging or encrypted for export...

CVE-2020-8225

A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials...

Debian DSA-5138-1 : waitress - security update

The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5138 advisory. It was discovered that the Waitress WSGI server was susceptible to HTTP request smuggling in some scenarios when used behind a proxy. For the oldstable distribution...

CVE-2021-29726

IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104...

CVE-2022-1722 SSRF in editor's proxy via IPv6 link-local address in jgraph/drawio

SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses...

Updated python-waitress packages fix security vulnerability

When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-en...

GHSA-F866-M9MV-2XR3 Spring Framework and Spring Security vulnerable to Deserialization of Untrusted Data

Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by 1 serializing a...

XSS in PHP-Proxy-App through v3.0

PHP-Proxy-App through 3.0 has Cross-Site Scripting XSS via the URL field in index.php...

GHSA-CGHJ-W42G-HQMR XSS in PHP-Proxy-App through v3.0

PHP-Proxy-App through 3.0 has Cross-Site Scripting XSS via the URL field in index.php...

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 Zyxel firewall: Unauthenticated remote comman...

Weak Cryptography in PHP-Proxy

The strrotpass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy 5.1.0 uses weak cryptography, which makes it easier for attackers to calculate the authorization data needed for local file inclusion...

GHSA-RJ76-H87P-R3WF Undertow vulnerable to Request Smuggling

In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that als...

GHSA-JC7P-5R39-9477 Improper Input Validation in Apache Tomcat

The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a...

Powershell Exec, Reverse HTTP Stager Proxy

Execute an x86 payload from a command via PowerShell. Tunnel communication over HTTP Module Options msf use payload/cmd/windows/powershell/vncinject/reversehttpproxypstore msf payloadreversehttpproxypstore show actions ...actions... msf payloadreversehttpproxypstore set ACTION msf...

Server side request forgery (ssrf)

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

Fedora: Security Advisory for golang-github-grpc-ecosystem-gateway-2 (FEDORA-2022-3a63897745)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

GHSA-3HJG-VC7R-RCRW Denial of Service vulnerability in @podium/layout and @podium/proxy

Impact An attacker using the Trailer header as part of the request against proxy endpoints has the ability to take down the server. All Podium layouts that include podlets with proxy endpoints are affected. Patches @podium/layout which is the main way developers/users are vulnerable to this...

CVE-2022-20784 Cisco Web Security Appliance Filter Bypass Vulnerability

A vulnerability in the Web-Based Reputation Score WBRS engine of Cisco AsyncOS Software for Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device. This vulnerability is due to...