WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-4181)

Description

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Remediation

References

Related Vulnerabilities

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-37909)

WordPress Plugin My Tickets Cross-Site Request Forgery (1.9.10)

Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1487)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1835)

Severity

High

Classification

CVE-2021-4181 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities