2 matches found
CVE-2022-24798
CVE-2022-24798 affects Internet Routing Registry daemon (IRRd) v4 where password hashes could be exposed in query responses for mntner objects and database exports. Root cause: insufficient filtering of password hashes in IRRd’s output. Affected products/versions: IRRd 4.2.x (mirrors not affected...
CVE-2026-28681
CVE-2026-28681 affects Internet Routing Registry daemon (IRRd) versions 4.4.0–4.4.5 and 4.5.0–4.5.1. The flaw is a host header injection in web UI password reset/account creation flows: an attacker can manipulate the HTTP Host header, causing the confirmation link in the email to point to an atta...