CVE-2019-3996
6.5MEDIUMELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
Veröffentlicht: 12/17/2019Aktualisiert: 11/21/2024
Beschreibung
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
KI-AnalyseKI-gestützt
Betroffene Produkte
elog_projectelog
fedoraprojectfedora
30
fedoraprojectfedora
31
Referenzen
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/
- https://www.tenable.com/security/research/tra-2019-53ExploitPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/
- https://www.tenable.com/security/research/tra-2019-53ExploitPatchThird Party Advisory