[Git][security-tracker-team/security-tracker][master] Apache mod_proxy HTTP2 request line injection
Paul Wise (@pabs)
pabs at debian.org
Thu Aug 12 07:39:32 BST 2021
Paul Wise pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6a955125 by Paul Wise at 2021-08-12T14:39:22+08:00
Apache mod_proxy HTTP2 request line injection
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12256,8 +12256,10 @@ CVE-2021-33194 (golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allow
NOTE: https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ
NOTE: https://github.com/golang/go/issues/46288
TODO: check completeness
-CVE-2021-33193
+CVE-2021-33193 [Apache mod_proxy HTTP2 request line injection]
RESERVED
+ NOTE: https://portswigger.net/research/http2
+ NOTE: https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c
CVE-2021-33192 (A vulnerability in the HTML pages of Apache Jena Fuseki allows an atta ...)
NOT-FOR-US: Apache Jena Fuseki
CVE-2021-33191
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a9551252e9556eec6349b021fa75c7f5aa51355
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a9551252e9556eec6349b021fa75c7f5aa51355
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210812/514b8d52/attachment.htm>
More information about the debian-security-tracker-commits
mailing list