7 matches found
GHSA-R64M-QCHJ-HRJP Webcache Poisoning in shopware/platform and shopware/core
Impact Webcache Poisoning via X-Forwarded-Prefix and sub-request Patches We recommend updating to the current version 6.4.6.1. You can get the update to 6.4.6.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For...
Webcache Poisoning in shopware/platform and shopware/core
Impact Webcache Poisoning via X-Forwarded-Prefix and sub-request Patches We recommend updating to the current version 6.4.6.1. You can get the update to 6.4.6.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For...
GHSA-Q3J3-W37X-HQ2Q Webcache Poisoning in symfony/http-kernel
Description ----------- When a Symfony application is running behind a proxy or a load-balancer, you can tell Symfony to look for the X-Forwarded- HTTP headers. HTTP headers that are not part of the "trustedheaders" allowed list are ignored and protect you from "Cache poisoning" attacks. In Symfo...
Webcache Poisoning in symfony/http-kernel
Description ----------- When a Symfony application is running behind a proxy or a load-balancer, you can tell Symfony to look for the X-Forwarded- HTTP headers. HTTP headers that are not part of the "trustedheaders" allowed list are ignored and protect you from "Cache poisoning" attacks. In Symfo...
CVE-2021-41267 Webcache Poisoning in Symfony
Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trustedheaders" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2,...
CVE-2021-41267: Webcache Poisoning via X-Forwarded-Prefix and sub-request
More info at https://symfony.com/cve-2021-41267...
CVE-2021-41267: Webcache Poisoning via X-Forwarded-Prefix and sub-request
More info at https://symfony.com/cve-2021-41267...