exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2015-7519

около 10 лет назад

agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header.

CVSS3: 3.7

EPSS: Низкий

CVE-2015-7519

около 10 лет назад

agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header.

CVSS2: 5.8

EPSS: Низкий

CVE-2015-7519

около 10 лет назад

agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header.

CVSS3: 3.7

EPSS: Низкий

CVE-2015-7519

около 10 лет назад

agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0. ...

CVSS3: 3.7

EPSS: Низкий

SUSE-SU-2015:2337-1

около 10 лет назад

Security update for rubygem-passenger

EPSS: Низкий

GHSA-fxwv-953p-7qpf

больше 7 лет назад

Phusion Passenger allows remote attackers to spoof headers

CVSS3: 3.7

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2015-7519 agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header.	CVSS3: 3.7	0% Низкий	около 10 лет назад
CVE-2015-7519 agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header.	CVSS2: 5.8	0% Низкий	около 10 лет назад
CVE-2015-7519 agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header.	CVSS3: 3.7	0% Низкий	около 10 лет назад
CVE-2015-7519 agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0. ...	CVSS3: 3.7	0% Низкий	около 10 лет назад
SUSE-SU-2015:2337-1 Security update for rubygem-passenger		0% Низкий	около 10 лет назад
GHSA-fxwv-953p-7qpf Phusion Passenger allows remote attackers to spoof headers	CVSS3: 3.7	0% Низкий	больше 7 лет назад

Уязвимостей на страницу