Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg,
and Harvey Tuch discovered that HAProxy incorrectly handled empty header
names. A remote attacker could possibly use this issue to manipulate
headers and bypass certain authentication checks and restrictions.
More Stories
USN-7177-1: YARA vulnerability
It was discovered that YARA did not properly sanitize its configuration settings. An attacker could potentially exploit this issue to...
USN-7169-2: Linux kernel (GCP) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
age-1.2.1-1.fc41
FEDORA-2024-4f08c1a90a Packages in this update: age-1.2.1-1.fc41 Update description: Update to 1.2.1 to fix https://github.com/FiloSottile/age/security/advisories/GHSA-32gq-x56h-299c security issue. Read More
USN-7172-1: libvpx vulnerability
It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a...
USN-7176-1: GStreamer Good Plugins vulnerabilities
Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to...
USN-7175-1: GStreamer Base Plugins vulnerabilities
Antonio Morales discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to...