CVE-2023-38522 – Apache Traffic Server: Incomplete field name check allows request smuggling
https://notcve.org/view.php?id=CVE-2023-38522
Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. • https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0 • CWE-20: Improper Input Validation CWE-86: Improper Neutralization of Invalid Characters in Identifiers in Web Pages CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2024-35296 – Apache Traffic Server: Invalid Accept-Encoding can force forwarding requests
https://notcve.org/view.php?id=CVE-2024-35296
Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. • https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0 • CWE-20: Improper Input Validation •
CVE-2024-35161 – Apache Traffic Server: Incomplete check for chunked trailer section allows request smuggling
https://notcve.org/view.php?id=CVE-2024-35161
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. • https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0 • CWE-20: Improper Input Validation CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2024-25090 – Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode
https://notcve.org/view.php?id=CVE-2024-25090
Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3. This issue affects Apache Roller: from 5.0.0 before 6.1.3. Users are recommended to upgrade to version 6.1.3, which fixes the issue. La validación de entrada y sanitización insuficientes de las funciones Profile name & screenname, Bookmark name & description and blogroll name en todas las versiones de Apache Roller en todas las plataformas permite que un usuario autenticado realice un ataque de XSS. Mitigación: si no tiene Roller configurado para usuarios no confiables, entonces no necesita hacer nada porque confía en que sus usuarios creen HTML sin formato y otro contenido web. • https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-48362 – Apache Drill: XXE Vulnerability in XML Format Reader
https://notcve.org/view.php?id=CVE-2023-48362
XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue. XXE en el complemento de formato XML en Apache Drill versión 1.19.0 y superior permite al usuario leer cualquier archivo en un sistema de archivos remoto o ejecutar comandos a través de un archivo XML malicioso. Se recomienda a los usuarios actualizar a la versión 1.21.2, que soluciona este problema. • http://www.openwall.com/lists/oss-security/2024/07/24/3 https://lists.apache.org/thread/9tt0q4bdjwgw0dz0l9knqxjnpb5y6zsl • CWE-611: Improper Restriction of XML External Entity Reference •