PT-2023-23002 · H2O · H2O

Name of the Vulnerable Software and Affected Versions: H2O versions 2.3.0-beta2 and prior Description: H2O is an HTTP server. When the reverse proxy handler tries to process a certain type of invalid HTTP request, it tries to build an upstream URL by reading from an uninitialized pointer. This...

h2o 缓冲区错误漏洞

h2o is a new generation of HTTP server. Not only is it very fast compared to older generation HTTP servers, but it also provides faster responses to end users. A buffer error vulnerability exists in H2O version 2.3.0-beta2 and earlier versions, which stems from the fact that when a reverse proxy...

Security Bulletin: IBM Safer Payments vulnerable to denial of service attack (CVE-2023-27556)

Summary The API and MCI interfaces of IBM Safer Payments are vulnerable to the Slowloris denial of service attack. This vulnerability is addressed Vulnerability Details CVEID:CVE-2023-27556 DESCRIPTION: IBM Counter Fraud Management for Safer Payments does not properly allocate resources without...

CVE-2022-46302

Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...

CVE-2022-46302

Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...

CVE-2022-46302

Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...

CVE-2022-46302 Remote Code Execution with Root Privileges via Broad Apache Permissions

Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...

CVE-2022-46302

CVE-2022-46302 affects Tribe29 Checkmk installations prior to patched versions: Checkmk <= 2.1.0p6, Checkmk

PT-2023-14899 · Apache +1 · Apache +1

Name of the Vulnerable Software and Affected Versions: Checkmk versions 1.6.0 through 2.1.0p6 Checkmk version 2.0.0p27 Description: The issue allows site users to directly interact with the system Apache installation when providing reverse proxy configurations, enabling an attacker to perform...

Checkmk 安全漏洞

Checkmk is an editor. Checkmk suffers from a code execution vulnerability that stems from broad access control when providing reverse proxy configurations that allow users to interact directly with the system Apache installation. An attacker can exploit this vulnerability to execute remote code...

SAP Web Dispatcher Access Control Error Vulnerability

SAP Web Dispatcher is the core component of Load Balancing from SAP, which supports load balancing and provides the function of reverse proxy so that users from outside the network can access internal applications. An Access Control Error vulnerability exists in SAP Web Dispatcher, which stems fr...

CVE-2023-29013

Traefik pronounced traffic is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This...

CVE-2023-29013 HTTP header parsing could cause a deny of service

Traefik pronounced traffic is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This...

CVE-2023-29013

Traefik pronounced traffic is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This...

CVE-2023-29013

CVE-2023-29013 affects Traefik (Go) where HTTP header parsing could allocate substantially more memory than required, enabling a network-based denial of service. The issue is documented with a CVSS v3.1 base score of 7.5 (HIGH) and network attack vector with no user interaction. Remediation provi...

SAP Web Dispatcher 安全漏洞

SAP Web Dispatcher is the core component of Load Balancing from SAP, which supports load balancing and provides the function of reverse proxy so that users from outside the network can access internal applications. An Access Control Error vulnerability exists in SAP Web Dispatcher, which stems fr...

Siemens SCALANCE LPE9403 Race Condition (CVE-2021-36221)

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Debian dla-3384 : libtomcat9-embed-java - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3384 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3384-1 [email protected]...

[SECURITY] [DLA 3384-1] tomcat9 security update

Debian LTS Advisory DLA-3384-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 05, 2023 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.31-1deb10u8 CVE ID : CVE-2022-42252 CVE-2023-28708 Debian Bug : 1033475 Two security vulnerabilities have been...

SUSE SLES15 Security Update : tomcat (SUSE-SU-2023:1669-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1669-1 advisory. - When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https,...