5 matches found
Partial String Comparison
Overview Affected versions of this package are vulnerable to Partial String Comparison via the router component. An attacker can route requests to unintended backend servers by sending crafted HTTP requests with manipulated Host headers. Remediation A fix was pushed into the master branch but not...
Asrmicro ASR Series 安全漏洞
Asrmicro ASR Series is a series of chips from Avantage Technology Asrmicro, a Chinese company. A security vulnerability exists in Asrmicro ASR Series, which originates from an improper resource release in the pb.c file in the router component, which could lead to a resource leak...
GHSA-PX4W-RCV2-6X8X Arbitrary code execution in Apache ServiceComb java-chassis
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5...
CVE-2020-17532
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5...
CVE-2020-17532
The CVE-2020-17532 entry affects Apache ServiceComb-Java-Chassis when the handler-router component is enabled. An authenticated user can inject data and trigger arbitrary code execution. Affected versions are 2.0.0 through 2.1.3; the issue is fixed in 2.1.5. Evidence in multiple sources corrobora...