WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-4181)

Description

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Remediation

References

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0125)

WordPress Plugin ResAds Multiple Cross-Site Scripting Vulnerabilities (1.0.1)

Oracle Application Server Other Vulnerability (CVE-2006-1884)

Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3170)

PHP Improper Input Validation Vulnerability (CVE-2016-10397)

Severity

High

Classification

CVE-2021-4181 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities