[Git][security-tracker-team/security-tracker][master] Apache mod_proxy HTTP2 request line injection

Paul Wise (@pabs) Wed, 11 Aug 2021 23:39:39 -0700


Paul Wise pushed to branch master at Debian Security Tracker / security-tracker



Commits:
6a955125 by Paul Wise at 2021-08-12T14:39:22+08:00
Apache mod_proxy HTTP2 request line injection

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12256,8 +12256,10 @@ CVE-2021-33194 (golang.org/x/net before 
v0.0.0-20210520170846-37e1c6afe023 allow
        NOTE: 
https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ
        NOTE: https://github.com/golang/go/issues/46288
        TODO: check completeness
-CVE-2021-33193
+CVE-2021-33193 [Apache mod_proxy HTTP2 request line injection]
        RESERVED
+       NOTE: https://portswigger.net/research/http2
+       NOTE: 
https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c
 CVE-2021-33192 (A vulnerability in the HTML pages of Apache Jena Fuseki allows 
an atta ...)
        NOT-FOR-US: Apache Jena Fuseki
 CVE-2021-33191



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a9551252e9556eec6349b021fa75c7f5aa51355

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a9551252e9556eec6349b021fa75c7f5aa51355
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Apache mod_proxy HTTP2 request line injection

Reply via email to