Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks External Reference:
Acknowledgments: Name: the Mozilla project Upstream: Giorgio Maone
….
Source link
[Bug 1834686] CVE-2020-12390 Mozilla: Incorrect serialization of nsIPrincipal.origin for IPv6 addresses
RELATED STORIES
|漏洞详情 Gitea是Gitea社区的一个基于Go开发的轻量型git服务。 Gitea 0.9.99版本至1.12.x系列1.12.6之前版本存在安全漏洞,该漏洞源于不会阻止git协议路径指定TCP端口号,并且在parseRemoteAddr中的modules/auth/repo_form.go中也包含换行符(具有URL编码)。 |参考资料 来源:nvd.nist.gov 链接:https://nvd.nist.gov/vuln/detail/CVE-2020-28991 Source link Is your business effected by Cyber...
|漏洞详情 Frenchbread Private-ip是Frenchbread个人开发者的一个用于检查Ip是否为私有的Js代码库。 Frenchbread Private-ip package v1.0.5之前版本存在安全漏洞,该漏洞源于正则表达式不足,无法充分过滤保留的IP范围,导致SSRF不确定。攻击者可利用该漏洞可以对ARIN保留的IP范围执行大量请求,导致无法确定关键攻击向量的数量,从而允许远程攻击者可利用该漏洞通过各种SSRF技术请求服务器端资源或潜在地执行任意代码。 |参考资料 来源:nvd.nist.gov 链接:https://nvd.nist.gov/vuln/detail/CVE-2020-28360 Source link Is your business...
VMware addressed six vulnerabilities in its SD-WAN Orchestrator product that can potentially expose enterprise networks...
(Second of two parts) In last week’s article, we highlighted the challenges of cybersecurity in...
KL-001-2020-007 : Barco wePresent Undocumented SSH Interface Accessible Via Web UI Title: Barco wePresent Undocumented...
Here is a short overview of the most important security vulnerabilities that came to light...
Published: 2020-11-19 Risk High Patch available YES Number of vulnerabilities 9 CVE ID CVE-2020-26080CVE-2020-26081CVE-2020-26076CVE-2020-26079CVE-2020-26078CVE-2020-26077CVE-2020-26072CVE-2020-3531CVE-2020-3392 CWE...
Googles Entwickler haben in der aktuellen Chrome-Ausgabe 87.0.4280.66 insgesamt 33 Sicherheitslücken geschlossen. Die Version ist...
People tend to play fast and loose with security terminology. However, it’s important to get...
Risk Low Patch available YES Number of vulnerabilities 4 CVE ID CVE-2020-8693CVE-2020-8692CVE-2020-8690CVE-2020-8691 CWE ID CWE-119CWE-284CWE-693CWE-264...
You must be logged in to post a comment.