Server-side Request Forgery (SSRF)

Overview astro is an Astro is a modern site builder with web best practices, performance, and DX front-of-mind. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the x-forwarded-proto and x-forwarded-port headers due to improper input sanitization when...

HackerOne: Denial of service via cache poisoning

An attacker can persistently block access to any/all redirects on www.hackerone.com by using cache poisoning with the X-Forwarded-Port or X-Forwarded-Host headers to redirect users to an invalid port. To replicate: curl -H 'X-Forwarded-Port: 123'...

Fedora 18 : php-pear-CAS-1.3.2-1.fc18 (2012-21084)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...

Fedora 16 : php-pear-CAS-1.3.2-1.fc16 (2012-21122)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...

Fedora 17 : php-pear-CAS-1.3.2-1.fc17 (2012-21106)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...