CVE-2021-4138

Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname...

CVE-2021-4138

Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname...

CVE-2021-4138

Geckodriver vulnerability CVE-2021-4138 is supported by the CNNVD entry, which states that geckodriver versions prior to 0.30.0 are affected due to improved host header checks. The issue affects the HTTP API exposed by geckodriver/WebDriver; impact and exploitation details are not deeply describe...

CVE-2021-4138

Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname...

PT-2019-11377 · Jenkins · Jenkins Chef Sinatra Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Chef Sinatra Plugin affected versions not specified Description: A missing permission check in the ChefBuilderConfiguration.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiat...

Path traversal

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "pub.pem"...

Multiple Vulnerabilities and Enhancements in ftpd on IRIX

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : Multiple Vulnerabilities and Enhancements in ftpd Number : 20030304-01-P Date : March 24, 2003 Reference: CERT CA-1997-27 Reference: CERT VU2558 Reference: CERT VU258721 Reference: CVE CVE-1999-0017 Reference: CVE CVE-1999-0097...