OESA-2021-1437 trafficserver security update

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server...

UBUNTU-CVE-2021-43082

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0...

org.jenkins-ci.plugins:project-build-times (>=1.0 <=1.2.1), org.jenkins-ci.plugins:project-stats-plugin (>=0.1 <=0.4) potentially affected by CVE-2021-21649 via org.jenkins-ci.plugins:dashboard-view (>=2.0 <=2.0.2)

org.jenkins-ci.plugins:dashboard-view MAVEN version =2.0, =1.0, =0.1, =0.4 Source cves: CVE-2021-21649 Source advisory: OSV:GHSA-JWHM-9CJM-4493...

WordPress Stats Plugin <= 2.51 - Multiple Vulnerabilities

This plugin is prone to cross site scripting and cross site request forgery vulnerabilities. Solution Update the plugin...

wppersist-xss.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 1. DESCRIPTION OF THE SOFTWARE On May 6th, 2007 a new WordPress plugin called "stats" was released. This plugin allows a WordPress user who has his blog self-hosted to use the Wordpress.com statistics. The plugin includes a JavaScript on the blog page...