25 matches found
ROS-20241121-06
A vulnerability in the Consul service configuration tool is related to the use of URL paths in L7 traffic. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access rules based on HTTP request paths. HTTP request paths The vulnerability in the Consul service...
Denial Of Service (DoS)
io.undertow: undertow-core is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of URL-encoded request paths for concurrent requests on the ajp-listener, which can cause the wrong path to be processed, potentially leading to Denial Of Service DoS...
Denial Of Service (DoS)
github.com/mattermost/mattermost-server is vulnerable to Denial Of Service. The vulnerability is due to insufficient limitation of the size of request paths that contain user inputs, allowing attackers to send large request paths, causing excessive resource usage...
CVE-2024-22091 Excessive resource consumption due to lack to request path size limits
Mattermost versions 8.1.x = 8.1.10, 9.6.x = 9.6.0, 9.5.x = 9.5.2 and 8.1.x = 8.1.11 fail to limit the size of a request path that includes user inputs which allows an attacker to cause excessive resource consumption, possibly leading to a DoS via sending large request paths...
CVE-2020-8463
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths...