Page 2 of 107 results (0.013 seconds)

CVSS: 9.0EPSS: 96%CPEs: 26EXPL: 8

CVE-2021-40438 – Apache HTTP Server-Side Request Forgery (SSRF)

https://notcve.org/view.php?id=CVE-2021-40438

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. Un uri-path diseñado puede causar que mod_proxy reenvíe la petición a un servidor de origen elegido por el usuario remoto. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores A Server-Side Request Forgery (SSRF) flaw was found in mod_proxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. • https://github.com/sixpacksecurity/CVE-2021-40438 https://github.com/xiaojiangxl/CVE-2021-40438 https://github.com/Kashkovsky/CVE-2021-40438 https://github.com/sergiovks/CVE-2021-40438-Apache-2.4.48-SSRF-exploit https://github.com/BabyTeam1024/CVE-2021-40438 https://github.com/gassara-kys/CVE-2021-40438 https://github.com/Cappricio-Securities/CVE-2021-40438 https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt https://cert-portal.siemens.com/productcert/pdf/ • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 8.3EPSS: 1%CPEs: 248EXPL: 4

CVE-2021-2351 – Oracle Database Weak NNE Integrity Key Derivation

https://notcve.org/view.php?id=CVE-2021-2351

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. • http://packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html http://seclists.org/fulldisclosure/2021/Dec/19 http://seclists.org/fulldisclosure/2021/Dec/20 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujan2023.html https://www.oracle.com/security-alerts/cpujul2021.html https:&# • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-384: Session Fixation •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-33503 – python-urllib3: ReDoS in the parsing of authority part of URL

https://notcve.org/view.php?id=CVE-2021-33503

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect. Se ha detectado un problema en urllib3 versiones anteriores a 1.26.5. Cuando se proporciona una URL que contiene muchos caracteres @ en el componente authority, la expresión regular de autoridad muestra un retroceso catastrófico, causando una denegación de servicio si fue pasado una URL como parámetro o es redirigido a ella por medio de un redireccionamiento HTTP A flaw was found in python-urllib3. When provided with a URL containing many @ characters in the authority component, the authority's regular expression exhibits catastrophic backtracking. • https://github.com/advisories/GHSA-q2q7-5pp4-w6pg https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73 https://security.gentoo.org/glsa/202107-36 https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2021-33503 ht • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.5EPSS: 3%CPEs: 11EXPL: 0

CVE-2021-31618 – NULL pointer dereference on specially crafted HTTP/2 request

https://notcve.org/view.php?id=CVE-2021-31618

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server. • http://httpd.apache.org/security/vulnerabilities_24.html http://www.openwall.com/lists/oss-security/2021/06/10/9 http://www.openwall.com/lists/oss-security/2024/03/13/2 https://lists.apache.org/thread.html/r14b66ef0f4f569fd515a3f96cd4eb58bd9a8ff525cc326bb0359664f%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r783b6558abf3305b17ea462bed4bd66d82866438999bf38cef6d11d1%40%3Ccvs.httpd.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html https://lists.fedoraproject.org/archive • CWE-476: NULL Pointer Dereference •

CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 0

CVE-2021-30641 – Unexpected URL matching with 'MergeSlashes OFF'

https://notcve.org/view.php?id=CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' Apache HTTP Server versiones 2.4.39 a 2.4.46. Un Comportamiento inesperado de coincidencia con el parámetro "MergeSlashes OFF" A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity. • http://httpd.apache.org/security/vulnerabilities_24.html http://www.openwall.com/lists/oss-security/2021/06/10/8 https://lists.apache.org/thread.html/r2b4773944d83d2799de9fbaeee7fe0f3fd72669467787e02f434cb10%40%3Cannounce.httpd.apache.org%3E https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/07/msg00006 • CWE-20: Improper Input Validation •