Blog

BIG-IP SSL Profile OCSP Authentication security exposure Security Advisory Security Advisory Description The BIG-IP system does not properly verify the revocation of intermediate CA certificates ... More info: https://support.f5.com/csp/article/K14903688?utm_source=f5support&utm_medium=RSS

The attack signature check may fail to detect and block malicious requests Security Advisory Security Advisory Description The web application firewall attack signature check may fail to detect ... More info: https://support.f5.com/csp/article/K30150004?utm_source=f5support&utm_medium=RSS

The attack signature check may fail to detect and block illegal requests for a case-insensitive policy Security Advisory Security Advisory Description The web application firewall attack signature ... More info: https://support.f5.com/csp/article/K30291321?utm_source=f5support&utm_medium=RSS

Node.js vulnerabilities CVE-2021-3672 and CVE-2021-22931 Security Advisory Security Advisory Description CVE-2021-3672 Missing input validation of host names returned by Domain Name Servers (DNS) ... More info: https://support.f5.com/csp/article/K53225395?utm_source=f5support&utm_medium=RSS

Eclipse Jetty vulnerability CVE-2021-28165 Security Advisory Security Advisory Description In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can ... More info: https://support.f5.com/csp/article/K15338344?utm_source=f5support&utm_medium=RSS

Bootstrap vulnerability CVE-2019-8331 Security Advisory Security Advisory Description In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template ... More info: https://support.f5.com/csp/article/K24383845?utm_source=f5support&utm_medium=RSS

Apache HTTP server vulnerability CVE-2021-39275 Security Advisory Security Advisory Description ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included ... More info: https://support.f5.com/csp/article/K20622400?utm_source=f5support&utm_medium=RSS

Bootstrap vulnerability CVE-2018-14040 Security Advisory Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. (CVE-2018-14040) Impact An ... More info: https://support.f5.com/csp/article/K48382137?utm_source=f5support&utm_medium=RSS

Apache HTTPD vulnerability CVE-2021-34798 Security Advisory Security Advisory Description Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP ... More info: https://support.f5.com/csp/article/K72382141?utm_source=f5support&utm_medium=RSS

Apache HTTPD vulnerability CVE-2021-36160 Security Advisory Security Advisory Description A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and ... More info: https://support.f5.com/csp/article/K13401920?utm_source=f5support&utm_medium=RSS