Lucene search
K

8 matches found

EUVD
EUVD
added 2026/06/18 3:3 p.m.7 views

EUVD-2026-37814

BBOT: Server-Side Request Forgery SSRF in dockerpull module via WWW-Authenticate realm parsing...

3.1CVSS5.2AI score0.00167EPSS
Exploits0References3
CVE
CVE
added 2026/06/17 9:48 p.m.26 views

CVE-2026-12566

The CVE describes a vulnerability in the docker_pull module where the realm parameter from a Docker registry’s WWW-Authenticate header is used as the authentication endpoint without validation. This enables a man-in-the-middle between bb ot and a Docker registry to alter the header and redirect t...

3.1CVSS5.5AI score0.00167EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.11 views

PT-2026-50561

Name of the Vulnerable Software and Affected Versions bbot affected versions not specified Description The docker pull module fails to validate the realm parameter received from a Docker registry's WWW-Authenticate response header when using it as the authentication endpoint. A man-in-the-middle...

3.1CVSS5.4AI score0.00167EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 8:58 a.m.21 views

CVE-2026-50630

The CVE-2026-50630 issue affects Apache CXF’s OAuth2 implementation, where the AuthorizationUtils class concatenates the realm parameter into the WWW-Authenticate header without sanitizing CR/LF characters. This can enable header injection or HTTP response splitting if an attacker controls the re...

6.5CVSS5.5AI score0.00404EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/07/22 7:15 p.m.3 views

CVE-2025-51471

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint...

6.9CVSS7.2AI score0.03837EPSS
Exploits2References4
Snyk
Snyk
added 2025/07/22 6:50 p.m.1 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the server.auth.URL function. An attacker can obtain authentication tokens and circumvent access controls by supplying a crafted realm value in the WWW-Authenticate header returned from the /api/pull endpoint...

6.9CVSS7AI score0.03837EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2011/06/22 11:31 p.m.5 views

tomcat: information disclosure in authentication headers

Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires 1 BASIC or 2 DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the rep...

2.6CVSS6.1AI score0.52507EPSS
Exploits6References4
Positive Technologies
Positive Technologies
added 2010/04/23 12:0 a.m.8 views

PT-2010-2872 · Apache +1 · Apache Tomcat +1

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 5.5.0 through 5.5.29 Apache Tomcat versions 6.0.0 through 6.0.26 Description: The issue allows remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires either...

7.5CVSS5.3AI score0.9444EPSS
Exploits38References86
Rows per page
Query Builder