漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Vmware Spring Cloud 安全漏洞
Vulnerability Description
Vmware Spring Cloud Config是美国威睿(Vmware)公司的一套分布式系统的配置管理解决方案。该产品主要为分布式系统中的外部配置提供服务器和客户端支持。 Spring Cloud Netflix Zuul 2.2.6.RELEASE存在安全漏洞,该漏洞源于敏感头功能的应用程序RELEASE及其以下版本在执行带有特殊构造的url的请求时,可能容易绕过敏感的头限制。
CVSS Information
N/A
Vulnerability Type
N/A