Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote user can set the X-Forwarded-Proto header in a request to potentially bypass an application requirement to only respond over secure connections.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cloud Foundry routing-release 安全漏洞
Vulnerability Description
Cloud Foundry是美国Cloud Foundry基金会的一套开源的平台即服务(PaaS)云计算平台,它提供容器调度、持续交付和自动化服务部署等功能。routing-release是其中的一个提供HTTP和TCP路由的组件。 Cloud Foundry routing-release 0.175.0之前版本中存在安全漏洞,该漏洞源于程序没有过滤用户提供的X-Forwarded-Proto包头。远程攻击者可通过向请求中放入X-Forwarded-Proto包头利用该漏洞绕过安全限制。
CVSS Information
N/A
Vulnerability Type
N/A