2156 matches found

AlpineLinux
added 2023/12/04 9:15 p.m., 32 views

CVE-2023-47106

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

6.9 AI score, 0.00625 EPSS
Exploits: 1

NVD
added 2023/12/04 9:15 p.m., 14 views

CVE-2023-47106

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

6.5 CVSS, 0.00625 EPSS
Exploits: 1, References: 4

Prion
added 2023/12/04 9:15 p.m., 18 views

Improper access control

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

6.4 CVSS, 6.9 AI score, 0.00625 EPSS
Exploits: 1, References: 4, Affected Software: 1

CVE
added 2023/12/04 8:36 p.m., 386 views

CVE-2023-47633

CVE-2023-47633 affects the Traefik Docker image when it serves as its own backend, triggered by an automatically generated route from Docker integration in default configuration. The issue causes 100% CPU usage, leading to a denial of service-like impact on the affected instance. The vulnerabilit...

7.5 CVSS, 7.5 AI score, 0.01269 EPSS
Exploits: 1, References: 3, Affected Software: 1

Cvelist
added 2023/12/04 8:36 p.m., 34 views

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

7.5 CVSS, 7.6 AI score, 0.01269 EPSS
Exploits: 1, References: 3

OSV
added 2023/12/04 8:36 p.m., 19 views

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

7.5 CVSS, 6.8 AI score, 0.01269 EPSS
Exploits: 1, References: 5

CVE
added 2023/12/04 8:26 p.m., 387 views

CVE-2023-47106

Traefik vulnerability CVE-2023-47106: when a request contains a URL fragment, Traefik URL-encodes and forwards the fragment to the backend, violating RFC 7230 (origin-form should only have path and query). In a setup with a frontend proxy like Nginx, this can bypass URI-based access controls. Add...

6.5 CVSS, 5.8 AI score, 0.00625 EPSS
Exploits: 1, References: 4, Affected Software: 1

OSV
added 2023/12/04 8:26 p.m., 26 views

CVE-2023-47106 Incorrect processing of fragment in the URL leads to Authorization Bypass in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

4.8 CVSS, 6.6 AI score, 0.00625 EPSS
Exploits: 1, References: 6

CVE
added 2023/12/04 8:20 p.m., 384 views

CVE-2023-47124

CVE-2023-47124 describes a DoS vector in Traefik when using HTTPChallenge to obtain or renew Let's Encrypt TLS certificates: the 50-second delay allowed for solving the challenge can be abused for a slowloris-style attack. Public details in the initial document specify impacts as a server availability r...

5.9 CVSS, 5.8 AI score, 0.00791 EPSS
Exploits: 0, References: 8, Affected Software: 1

Fedora
added 2023/12/02 1:10 a.m., 26 views

[SECURITY] Fedora 37 Update: golang-github-openprinting-ipp-usb-0.9.23-5.fc37

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol...

5.3 CVSS, 7.3 AI score, 0.05623 EPSS
Exploits: 0

OpenVAS
added 2023/12/02 12:0 a.m., 18 views

Fedora: Security Advisory for golang-github-openprinting-ipp-usb (FEDORA-2023-ce2836acfa)

The remote host is missing an update for the...

5.3 CVSS, 7.1 AI score, 0.05623 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2023/11/29 9:26 a.m., 180 views

CVE-2023-46589

An improper input validation flaw was found in Apache Tomcat due to incorrect parsing of HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests, leading to the possibility of request smuggling when behind a...

7.5 CVSS, 7.5 AI score, 0.02651 EPSS
Exploits: 0, References: 5

OpenVAS
added 2023/11/29 12:0 a.m., 19 views

Apache Tomcat Request Smuggling Vulnerability (Nov 2023) - Linux

Apache Tomcat is prone to a request smuggling vulnerability.

7.5 CVSS, 7.6 AI score, 0.02651 EPSS
Exploits: 0, References: 5

OpenVAS
added 2023/11/29 12:0 a.m., 39 views

Apache Tomcat Request Smuggling Vulnerability (Nov 2023) - Windows

Apache Tomcat is prone to a request smuggling vulnerability.

7.5 CVSS, 7.6 AI score, 0.02651 EPSS
Exploits: 0, References: 5

OSV
added 2023/11/28 6:30 p.m., 1 view

GHSA-FCCV-JMMP-QG76 Apache Tomcat Improper Input Validation vulnerability

Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82, and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could...

7.5 CVSS, 6.7 AI score, 0.02651 EPSS
Exploits: 0, References: 15

OSV
added 2023/11/28 4:15 p.m., 1 view

DEBIAN-CVE-2023-46589

Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could...

7.5 CVSS, 6.8 AI score, 0.02651 EPSS
Exploits: 0, References: 1

OSV
added 2023/11/28 4:15 p.m., 1 view

UBUNTU-CVE-2023-46589

Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could...

7.5 CVSS, 6.7 AI score, 0.02651 EPSS
Exploits: 0, References: 12

Cvelist
added 2023/11/28 3:31 p.m., 227 views

CVE-2023-46589 Apache Tomcat: HTTP request smuggling via malformed trailer headers

Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could...

7.9 AI score, 0.02651 EPSS
Exploits: 0, References: 2

CNNVD
added 2023/11/28 12:0 a.m., 2 views

Apache Tomcat Environment Issue Vulnerability

Apache Tomcat is a lightweight web application server from the Apache Foundation (United States). It is used to implement support for Servlets and JavaServer Pages (JSP). Apache Tomcat suffers from an environmental issue vulnerability that stems from the presence of an incorrect input validation...

7.5 CVSS, 6.6 AI score, 0.02651 EPSS
Exploits: 0, References: 13

Prion
added 2023/11/24 6:15 p.m., 16 views

Privilege escalation

capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...

7.5 CVSS, 7.1 AI score, 0.00574 EPSS
Exploits: 1, References: 2, Affected Software: 1