5.0 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): HIGH
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): LOW
- Availability impact (A): NONE
Http proxies: satellite: service side request forgery in http proxies
A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with the http_proxies variable set to localhost, the attacker can fetch the localhost banner.
References
- https://access.redhat.com/security/cve/CVE-2024-12840 x_refsource_REDHAT vdb-entry
- RHBZ#2333494 issue-tracking x_refsource_REDHAT
Affected products
Matching in nixpkgs
pkgs.job-security
Job control from anywhere
-
nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-04-07
pkgs.libmodsecurity
ModSecurity v3 library component.
-
nixos-unstable -
- nixpkgs-unstable 3.0.14
pkgs.paretosecurity
Agent that makes sure your laptop is correctly configured for security
-
nixos-unstable -
- nixpkgs-unstable 0.3.4
pkgs.xml-security-c
C++ Implementation of W3C security standards for XML
-
nixos-unstable -
- nixpkgs-unstable 3.0.0
pkgs.modsecurity-crs
The OWASP ModSecurity Core Rule Set is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls.
-
nixos-unstable -
- nixpkgs-unstable 3.3.4
pkgs.modsecurity_standalone
Open source, cross-platform web application firewall (WAF)
-
nixos-unstable -
- nixpkgs-unstable 2.9.12
pkgs.converged-security-suite
Converged Security Suite for Intel & AMD platform security features
-
nixos-unstable -
- nixpkgs-unstable 2.8.1
pkgs.python312Packages.zope-security
Zope Security Framework
-
nixos-unstable -
- nixpkgs-unstable 7.3
pkgs.python313Packages.zope-security
Zope Security Framework
-
nixos-unstable -
- nixpkgs-unstable 7.3
pkgs.haskellPackages.hackage-security
Hackage security library
-
nixos-unstable -
- nixpkgs-unstable 0.6.3.1
pkgs.python312Packages.flask-security
Quickly add security features to your Flask application
-
nixos-unstable -
- nixpkgs-unstable 5.6.2
pkgs.python313Packages.flask-security
Quickly add security features to your Flask application
-
nixos-unstable -
- nixpkgs-unstable 5.6.2
pkgs.python312Packages.securityreporter
Python wrapper for the Reporter API
-
nixos-unstable -
- nixpkgs-unstable 1.2.0
pkgs.python313Packages.securityreporter
Python wrapper for the Reporter API
-
nixos-unstable -
- nixpkgs-unstable 1.2.0
pkgs.haskellPackages.amazonka-securityhub
Amazon SecurityHub SDK
-
nixos-unstable -
- nixpkgs-unstable 2.0
pkgs.haskellPackages.gogol-securitycenter
Google Security Command Center SDK
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.haskellPackages.amazonka-securitylake
Amazon Security Lake SDK
-
nixos-unstable -
- nixpkgs-unstable 2.0
pkgs.haskellPackages.hackage-security-HTTP
Hackage security bindings against the HTTP library
-
nixos-unstable -
- nixpkgs-unstable 0.1.1.2
pkgs.haskellPackages.unicode-data-security
Unicode security mechanisms database
-
nixos-unstable -
- nixpkgs-unstable 0.4.0
pkgs.python312Packages.azure-mgmt-security
Microsoft Azure Security Center Management Client Library for Python
-
nixos-unstable -
- nixpkgs-unstable 7.0.0
pkgs.python313Packages.azure-mgmt-security
Microsoft Azure Security Center Management Client Library for Python
-
nixos-unstable -
- nixpkgs-unstable 7.0.0
pkgs.haskellPackages.gogol-websecurityscanner
Google Web Security Scanner SDK
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.python312Packages.mypy-boto3-securityhub
Type annotations for boto3 securityhub
-
nixos-unstable -
- nixpkgs-unstable boto3-securityhub-1.40.26
pkgs.python313Packages.mypy-boto3-securityhub
Type annotations for boto3 securityhub
-
nixos-unstable -
- nixpkgs-unstable boto3-securityhub-1.40.26
pkgs.python312Packages.mypy-boto3-securitylake
Type annotations for boto3 securitylake
-
nixos-unstable -
- nixpkgs-unstable boto3-securitylake-1.40.0
pkgs.python313Packages.mypy-boto3-securitylake
Type annotations for boto3 securitylake
-
nixos-unstable -
- nixpkgs-unstable boto3-securitylake-1.40.0
pkgs.pantheon.switchboard-plug-security-privacy
Switchboard Security & Privacy Plug
-
nixos-unstable -
- nixpkgs-unstable 8.0.1
pkgs.python312Packages.google-cloud-securitycenter
Cloud Security Command Center API API client library
-
nixos-unstable -
- nixpkgs-unstable 1.39.0
pkgs.python313Packages.google-cloud-securitycenter
Cloud Security Command Center API API client library
-
nixos-unstable -
- nixpkgs-unstable 1.39.0
pkgs.azure-cli-extensions.hardware-security-modules
Microsoft Azure Command-Line Tools AzureDedicatedHSMResourceProvider Extension
-
nixos-unstable -
- nixpkgs-unstable 0.2.0
pkgs.python312Packages.mypy-boto3-codeguru-security
Type annotations for boto3 codeguru-security
-
nixos-unstable -
- nixpkgs-unstable boto3-codeguru-security-1.40.17
pkgs.python313Packages.mypy-boto3-codeguru-security
Type annotations for boto3 codeguru-security
-
nixos-unstable -
- nixpkgs-unstable boto3-codeguru-security-1.40.17
pkgs.python312Packages.azure-keyvault-securitydomain
Microsoft Corporation Azure Keyvault Securitydomain Client Library for Python
-
nixos-unstable -
- nixpkgs-unstable 1.0.0b1
pkgs.python312Packages.types-aiobotocore-securityhub
Type annotations for aiobotocore securityhub
-
nixos-unstable -
- nixpkgs-unstable 2.23.2
pkgs.python313Packages.azure-keyvault-securitydomain
Microsoft Corporation Azure Keyvault Securitydomain Client Library for Python
-
nixos-unstable -
- nixpkgs-unstable 1.0.0b1
pkgs.python313Packages.types-aiobotocore-securityhub
Type annotations for aiobotocore securityhub
-
nixos-unstable -
- nixpkgs-unstable 2.23.2
pkgs.python312Packages.types-aiobotocore-securitylake
Type annotations for aiobotocore securitylake
-
nixos-unstable -
- nixpkgs-unstable 2.23.2
pkgs.python313Packages.types-aiobotocore-securitylake
Type annotations for aiobotocore securitylake
-
nixos-unstable -
- nixpkgs-unstable 2.23.2
pkgs.python312Packages.google-cloud-websecurityscanner
Google Cloud Web Security Scanner API client library
-
nixos-unstable -
- nixpkgs-unstable 1.17.3
pkgs.python313Packages.google-cloud-websecurityscanner
Google Cloud Web Security Scanner API client library
-
nixos-unstable -
- nixpkgs-unstable 1.17.3
pkgs.python312Packages.types-aiobotocore-codeguru-security
Type annotations for aiobotocore codeguru-security
-
nixos-unstable -
- nixpkgs-unstable 2.23.2
pkgs.python313Packages.types-aiobotocore-codeguru-security
Type annotations for aiobotocore codeguru-security
-
nixos-unstable -
- nixpkgs-unstable 2.23.2
pkgs.gnomeExtensions.arch-linux-updates-and-security-indicator
Update indicator for Arch Linux and GNOME Shell.
-
nixos-unstable -
- nixpkgs-unstable 2
pkgs.python312Packages.microsoft-security-utilities-secret-masker
Tool for detecting and masking secrets
-
nixos-unstable -
- nixpkgs-unstable 1.0.0b4
pkgs.python313Packages.microsoft-security-utilities-secret-masker
Tool for detecting and masking secrets
-
nixos-unstable -
- nixpkgs-unstable 1.0.0b4
Package maintainers
-
@katexochen Paul Meyer <katexochen0@gmail.com>
-
@ulrikstrid Ulrik Strid <ulrik.strid@outlook.com>
-
@felixsinger Felix Singer <felixsinger@posteo.net>
-
@honnip Jung seungwoo <me@honnip.page>
-
@fgaz Francesco Gazzetta <fgaz@fgaz.me>
-
@Izorkin Yurii Izorkin <Izorkin@gmail.com>
-
@offlinehacker Jaka Hudoklin <jaka@x-truder.net>
-
@bobby285271 Bobby Rong <rjl931189261@126.com>
-
@davidak David Kleuker <post@davidak.de>
-
@zupo Nejc Zupan <nejczupan+nix@gmail.com>
-
@gador Florian Brandes <florian.brandes@posteo.de>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
-
@mbalatsko Maksym Balatsko <mbalatsko@gmail.com>
-
@jagajaga Arseniy Seroka <ars.seroka@gmail.com>