Search CVE reports
1 – 4 of 4 results
Some fixes available 1 of 3
Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.
1 affected package
pound
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pound | Not in release | Not affected | Not affected | Not in release |
Some fixes available 2 of 3
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
1 affected package
pound
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pound | — | — | Not affected | Not in release |
Some fixes available 30 of 39
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the...
6 affected packages
openssl, nss, openjdk-6, pound, openjdk-7, openssl098
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl | Fixed | Fixed | Fixed | Fixed |
| nss | Not affected | Not affected | Not affected | Not affected |
| openjdk-6 | Not in release | Not in release | Not in release | Not in release |
| pound | Not in release | Not affected | Not affected | Not in release |
| openjdk-7 | Not in release | Not in release | Not in release | Not in release |
| openssl098 | Not in release | Not in release | Not in release | Not in release |
Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header.
1 affected package
pound
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pound | — | — | — | — |