Month: noviembre 2021

The attack signature check may fail to detect and block illegal requests for a case-insensitive policy Security Advisory Security Advisory Description The web application firewall attack signature ... More info: https://support.f5.com/csp/article/K30291321?utm_source=f5support&utm_medium=RSS

Node.js vulnerabilities CVE-2021-3672 and CVE-2021-22931 Security Advisory Security Advisory Description CVE-2021-3672 Missing input validation of host names returned by Domain Name Servers (DNS) ... More info: https://support.f5.com/csp/article/K53225395?utm_source=f5support&utm_medium=RSS

Eclipse Jetty vulnerability CVE-2021-28165 Security Advisory Security Advisory Description In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can ... More info: https://support.f5.com/csp/article/K15338344?utm_source=f5support&utm_medium=RSS

Bootstrap vulnerability CVE-2019-8331 Security Advisory Security Advisory Description In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template ... More info: https://support.f5.com/csp/article/K24383845?utm_source=f5support&utm_medium=RSS

Apache HTTP server vulnerability CVE-2021-39275 Security Advisory Security Advisory Description ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included ... More info: https://support.f5.com/csp/article/K20622400?utm_source=f5support&utm_medium=RSS

Bootstrap vulnerability CVE-2018-14040 Security Advisory Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. (CVE-2018-14040) Impact An ... More info: https://support.f5.com/csp/article/K48382137?utm_source=f5support&utm_medium=RSS

Apache HTTPD vulnerability CVE-2021-34798 Security Advisory Security Advisory Description Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP ... More info: https://support.f5.com/csp/article/K72382141?utm_source=f5support&utm_medium=RSS

Apache HTTPD vulnerability CVE-2021-36160 Security Advisory Security Advisory Description A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and ... More info: https://support.f5.com/csp/article/K13401920?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2019-11811 Security Advisory Security Advisory Description An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read ... More info: https://support.f5.com/csp/article/K01512680?utm_source=f5support&utm_medium=RSS

Multiple Intel CPU vulnerabilities Security Advisory Security Advisory Description CVE-2020-8670 Race condition in the firmware for some Intel(R) Processors may allow a privileged user to ... More info: https://support.f5.com/csp/article/K52285493?utm_source=f5support&utm_medium=RSS