CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2091 – Cache Images < 3.2.1 - Image Upload / Import via CSRF
https://notcve.org/view.php?id=CVE-2022-2091
The Cache Images WordPress plugin before 3.2.1 does not implement nonce checks, which could allow attackers to make any logged user upload images via a CSRF attack. El plugin Cache Images de WordPress versiones anteriores a 3.2.1, no implementa comprobaciones de nonce, lo que podría permitir a atacantes hacer que cualquier usuario registrado cargue imágenes por medio de un ataque de tipo CSRF The Cache Images plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1. This is due to missing nonce validation on the cache_images_ajax() function. This makes it possible for unauthenticated attackers to upload images via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/03e7c2dc-1c6d-4cff-af59-6b41ead74978 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2022-23959 – varnish: HTTP/1 request smuggling vulnerability
https://notcve.org/view.php?id=CVE-2022-23959
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. En Varnish Cache versiones anteriores a 6.6.2 y 7.x versiones anteriores a 7.0.2, Varnish Cache 6.0 LTS versiones anteriores a 6.0.10, y Varnish Enterprise (Cache Plus) 4.1.x versiones anteriores a 4.1.11r6 y 6.0.x versiones anteriores a 6.0.9r4, puede producirse contrabando de peticiones para conexiones HTTP/1 A flaw was found in Varnish. This flaw allows an attacker to carry out a request smuggling attack on HTTP/1 connections on Varnish cache servers. This smuggled request goes through the usual Varnish Configuration Language (VCL) processing since the Varnish server treats it as an additional request. • https://docs.varnish-software.com/security/VSV00008 https://lists.debian.org/debian-lts-announce/2022/02/msg00014.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMMDMQWNAE3BTSZUHXQHVAMZC5TLHLYT https://varnish-cache.org/security/VSV00008.html https://www.debian.org/security/2022/dsa-5088 https://access.redhat.com/security/cve/CVE-2022-23959 https://bugzilla.redhat.com/show_bug.cgi?id=2045031 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36448
https://notcve.org/view.php?id=CVE-2020-36448
An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for Cache<K>. Se ha detectado un problema en la crate cache hasta el 24-11-2020 para Rust. Se presentan implementaciones incondicionales de Send y Sync para la función Cache(K) • https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/cache/RUSTSEC-2020-0128.md https://rustsec.org/advisories/RUSTSEC-2020-0128.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2021-36740 – varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request
https://notcve.org/view.php?id=CVE-2021-36740
Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8. Varnish Cache, con HTTP/2 habilitado, permite el contrabando de peticiones y la omisión de autorización de VCL por medio de un encabezado Content-Length grande para una petición POST. Esto afecta a Varnish Enterprise versiones 6.0.x anteriores a 6.0.8r3, y Varnish Cache versiones 5.xy 6.x anteriores a 6.5.2, versiones 6.6.x anteriores a 6.6.1 y versiones 6.0 LTS anteriores a 6.0.8 A flaw was found in Varnish. The Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. • https://docs.varnish-software.com/security/VSV00007 https://github.com/varnishcache/varnish-cache/commit/82b0a629f60136e76112c6f2c6372cce77b683be https://github.com/varnishcache/varnish-cache/commit/9be22198e258d0e7a5c41f4291792214a29405cf https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/THV2DQA2GS65HUCKK4KSD2XLN3AAQ2V5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHBNLDEOTGYRIEQZBWV7F6VPYS4O2AAK https://varnish-cache.org/security/VSV00007.html https://www.debian.org& • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25903
https://notcve.org/view.php?id=CVE-2021-25903
An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced. Se detectó un problema en la crate cache versiones hasta el 01-01-2021 para Rust. Un puntero sin procesar es desreferenciado • https://rustsec.org/advisories/RUSTSEC-2021-0006.html • CWE-476: NULL Pointer Dereference •