GHSA-5C58-W9XC-QCJ9 Symfony Vulnerable to PHP Eval Injection

Applications with ESI support and SSI support as of Symfony 2.6 enabled and using the Symfony built-in reverse proxy the Symfony\Component\HttpKernel\HttpCache class are vulnerable to PHP code injection; a malicious user can inject PHP code that will be executed by the server. HttpCache uses eval...

Jenkins Reverse Proxy Auth Plugin allows attackers with local file system access to obtain a list of authorities for logged in users

An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealmauthContext that allows attackers with local file system access to obtain a list of authorities for logged in users. Reverse Proxy Auth Plugin 1.6.0 and newer n...

GHSA-M9J2-GRQF-FG26 Jenkins Reverse Proxy Auth Plugin allows attackers with local file system access to obtain a list of authorities for logged in users

An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealmauthContext that allows attackers with local file system access to obtain a list of authorities for logged in users. Reverse Proxy Auth Plugin 1.6.0 and newer n...

GHSA-XH5X-J8JF-PCPX Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header...

GHSA-FJWP-R6FM-Q6QW Apache Tomcat allows remote attackers to read data that was intended to be associated with a different request

An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different request...

Apache Tomcat allows remote attackers to read data that was intended to be associated with a different request

An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different request...

grafana: directory traversal vulnerability

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension...

SAP Web Dispatcher 跨站脚本漏洞

SAP Web Dispatcher is a core component of Load Balancing from SAP, which supports load balancing and provides reverse proxy functionality to enable external users to access internal applications. A cross-site scripting vulnerability exists in SAP Web Dispatcher and SAP Netweaver AS for ABAP and...

golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty

A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity...

CVE-2022-26924

YARP Denial of Service Vulnerability...

golang: net/http/httputil: panic due to racy read of persistConn after handler panic

A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability...

tomcat: HTTP request smuggling when used with a reverse proxy

Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer...

golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty

A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity...

Skipper 代码问题漏洞

Skipper is an HTTP router and reverse proxy for service portfolios. A security vulnerability exists in Skipper v0.9.1 that allows an attacker to execute arbitrary code via a crafted file...

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Microsoft Developer Tools. Abuse of the vulnerabilities potentially enable a malicious party to be able to obtain elevated privileges or cause a denial-of-service cause. The tables below list the vulnerabilities fixed by Microsoft with the corresponding CVSSv3...

Microsoft YARP reverse proxy 安全漏洞

Microsoft YARP is a reverse proxy toolkit from Microsoft. It is used to build fast proxy servers in .NET using the infrastructure of ASP.NET and . A security vulnerability exists in the Microsoft YARP reverse proxy. The following products and versions are affected: YARP 1.0, YARP 1.1RC...

golang: net/http/httputil: panic due to racy read of persistConn after handler panic

A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability...

No-Joke Borat RAT Propagates Ransomware, DDoS

Attackers are using a newly released remote access trojan RAT to spread ransomware and distributed denial of service DDoS — in addition to the traditional RAT function of backdooring victims’ systems. Researchers at Cyble Research Labs discovered the RAT, which they dubbed Borat RAT because it us...

golang: net/http/httputil: panic due to racy read of persistConn after handler panic

A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability...

CVE-2022-23652 Privilege escalation using hop-by-hop Connection header

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...