47.119.16.90
{
"scan_id": 1752993643,
"ip": "47.119.16.90",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "47.119.0.0/16",
"postal_code": "",
"coordinates": {
"latitude": "22.5455",
"longitude": "114.0683"
},
"geo_point": "22.5455, 114.0683",
"locale_code": "en",
"continent": "Asia",
"country_code": "CN",
"country_name": "China",
"city": "Shenzhen"
},
"location_updated_at": "2025-07-19T18:16:37Z",
"asn": {
"number": "AS37963",
"organization": "Hangzhou Alibaba Advertising Co.,Ltd.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "",
"organization": "",
"descr": "",
"_encoding": {
"raw": ""
}
},
"whois_updated_at": "0001-01-01T00:00:00Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-07-19T18:16:37Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-07-19T19:05:05Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-07-19T18:16:37Z"
}
],
"services": [
{
"port": 21,
"protocol": "tcp",
"name": "ftp",
"version": "2.0",
"product": "PCMan's FTP Server",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:pcman%27s_ftp_server_project:pcman%27s_ftp_server:2.0",
"part": "a",
"vendor": "pcman\\'s_ftp_server_project",
"product": "pcman\\'s_ftp_server",
"version": "2\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ftp": {
"banner": "220 PCMan's FTP Server 2.0 Ready.\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-15T04:35:45.877Z"
},
{
"port": 22,
"protocol": "tcp",
"name": "ssh",
"version": "",
"product": "",
"extra_info": "protocol 2.0",
"tunnel": "",
"modules": {
"ssh": {
"banner": "SSH-2.0-dropbear_2019.78",
"client_to_server_ciphers": [
"[email protected]",
"[email protected]",
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr"
],
"client_to_server_compression": [
"none"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1",
"hmac-sha1-96"
],
"host_key_algorithms": [
"rsa-sha2-256",
"rsa-sha2-512",
"ssh-rsa"
],
"kex_algorithms": [
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group14-sha256",
"diffie-hellman-group14-sha1",
"[email protected]"
],
"key": {
"algorithm": "ssh-rsa",
"fingerprint_sha256": "326d45acb716a617c9f849745ad29fc65080e2dd76be77ee297cb30d7de4004e"
},
"server_to_client_ciphers": [
"[email protected]",
"[email protected]",
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr"
],
"server_to_client_compression": [
"none"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1",
"hmac-sha1-96"
],
"software": "dropbear_2019.78",
"version": "2.0"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-15T12:34:17.206Z"
},
{
"port": 23,
"protocol": "tcp",
"name": "telnet",
"version": "",
"product": "Cowrie Honeypot telnetd",
"extra_info": "",
"tunnel": "",
"modules": {
"telnet": {
"banner": "UTT login: "
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-13T18:31:08.419Z"
},
{
"port": 25,
"protocol": "tcp",
"name": "smtp",
"version": "",
"product": "Postfix smtpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:postfix:postfix",
"part": "a",
"vendor": "postfix",
"product": "postfix",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"smtp": {
"banner": "220 www.oowoo.cc ESMTP Exim smtpd/4.94.2; 1752359404067@a2b80c4db2958d7cbebdcf2793a6e7d0-8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4c979c63fb49be4ffdf240a== xsm\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-12T22:30:11.231Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "v4.30.1161 (release)",
"product": "Tracer SC",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 701958938,
"body_sha256": "147d4cad49d22ff484325efab8ef93ad7eef9103c97cd9d0ba0dae74a08096fc",
"component": [
"WordPress",
"BEM",
"Ruby",
"Adobe ColdFusion",
"MySQL",
"Liveinternet",
"Python",
"AngularJS",
"CFML",
"PHP",
"Django",
"SPIP:4.1.11",
"Ruby on Rails"
],
"content_length": 146395,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146395"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 21 Jul 2025 04:35:08 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"VAppServer"
],
"set_cookie": [
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"did=A67B8F9C;",
"NSC_VPNERR=4007",
"_indexVersion=2; path=/",
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"UID=7400f7aab75991b599187e939d89d69c",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"loginName=admin",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"fsm_u=admin; Path=/;"
],
"unknown": [
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_amz_cf_id",
"value": [
"abd"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_jenkins",
"value": [
"a"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_azure_ref",
"value": [
"v23"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_sucuri_id",
"value": [
"67"
]
},
{
"key": "x_shopify_generated_cart_token",
"value": [
"aa1b6d68e41056d2955ae9e6fb516372"
]
},
{
"key": "x_flow_powered",
"value": [
"Flow"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "x_timer",
"value": [
"S1579233182.306174,VS0,VE0"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "loginip",
"value": [
"134.209.230.218"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Fat-Free Framework"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "FU HDTVI 8008F1-S2 192.168.1.109,Digital Video Recorder"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:80/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T04:55:59.498Z"
},
{
"port": 110,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"pop3": {
"banner": "+OK Microsoft ESMTP MAIL Service ready. <1752208409365@a2b80c4db2958d7cbebdcf2793a6e7d0-8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cc75c638bf9beffcc2380d26==>\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "http://47.119.16.90:110/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-11T14:44:19.211Z"
},
{
"port": 143,
"protocol": "tcp",
"name": "http",
"version": "9.4.33.v20201020",
"product": "Jetty",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mortbay:jetty:9.4.33.v20201020",
"part": "a",
"vendor": "mortbay",
"product": "jetty",
"version": "9\\.4\\.33\\.v20201020",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1478358086,
"body_sha256": "602e109c14717a0633d61b24721076dd9a4cff5739ac983c31e81b54b8b577ba",
"component": [
"Django",
"Adobe ColdFusion",
"CFML",
"AngularJS",
"BEM",
"Ruby on Rails",
"Liveinternet",
"PHP",
"Python",
"Ruby",
"SPIP:4.1.11",
"WordPress",
"MySQL"
],
"content_length": 146378,
"favicon": {
"md5_hash": "1f52cc8ce9a3ab7ea704820f5f6a185e",
"murmur_hash": -1033644073,
"path": "http://47.119.16.90:143/favicon.ico",
"size": 3774
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146378"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 14:37:47 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"cc-web/1.6.3"
],
"set_cookie": [
"CLIENT_ID=7214",
"akaunting_session=7b22; Path=/;",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"sesskey=21263a2bf; path=/;",
"token=21263a2bf; path=/;",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"MRHSession=ffd33fd2; path=/",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"id=A67B8F9C;",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/"
],
"unknown": [
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_sucuri_id",
"value": [
"67"
]
},
{
"key": "loginip",
"value": [
"167.172.162.199"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache_enabled",
"value": [
"False"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_shopify_generated_cart_token",
"value": [
"aa1b6d68e41056d2955ae9e6fb516372"
]
},
{
"key": "x_src_webcache",
"value": [
"fe05"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_powered_by_plesk",
"value": [
"PleskWin"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "x_backside_transport",
"value": [
"FAIL FAIL"
]
},
{
"key": "x_shopify_stage",
"value": [
"production"
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Catberry"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Tenda 11N Wireless Router Login Screen"
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:143/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T19:44:38.318Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:vmware:ESXi:6.5.0",
"part": "o",
"vendor": "vmware",
"product": "esxi",
"version": "6\\.5\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1776180890,
"body_sha256": "d65c56e441d8a5a713b3274536baa56cbb44973814abdb3c081f49373a6a07a8",
"component": [
"AngularJS",
"WordPress",
"BEM",
"Ruby",
"PHP",
"Python",
"Liveinternet",
"Adobe ColdFusion",
"CFML",
"Ruby on Rails",
"Proxmox VE",
"MySQL",
"Django",
"SPIP:4.1.11"
],
"content_length": 146345,
"favicon": {
"md5_hash": "44071663a97aa46640d124dd31fe7521",
"murmur_hash": 2091717113,
"path": "http://47.119.16.90:443/favicon.ico",
"size": 7659
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146345"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 16:07:35 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"pve-api-daemon/3.0"
],
"set_cookie": [
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"X-Qlik-Session=35263a2bf; path=/;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"akaunting_session=7b22; Path=/;",
"LastMRH_Session=ffd33fd2; path=/",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"id=A67B8F9C;",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"sesskey=21263a2bf; path=/;",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"MISESSID=22363a2bf; path=/mi;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;"
],
"unknown": [
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_sorting_hat_podid",
"value": [
"80"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_litespeed_cache",
"value": [
"hit"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_github_request_id",
"value": [
"2544:7F5D:24C5A8:296D36:5E2B2B7B"
]
},
{
"key": "loginip",
"value": [
"46.101.198.27"
]
},
{
"key": "x_bubble_capacity_limit",
"value": [
"12"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_check",
"value": [
"3112dc4d54f8e22d666785b733b0052100c53444"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_aspnetmvc_version",
"value": [
"5.2"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_fastly_request_id",
"value": [
"135"
]
},
{
"key": "x_azure_ref",
"value": [
"v23"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Mono"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "AIPC(CTR-600)"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T21:23:57.846Z"
},
{
"port": 465,
"protocol": "tcp",
"name": "smtp",
"version": "8.14.7/8.14.7",
"product": "Sendmail",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:sendmail:sendmail:8.14.7%2F8.14.7",
"part": "a",
"vendor": "sendmail",
"product": "sendmail",
"version": "8\\.14\\.7\\/8\\.14\\.7",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-14T06:54:00.915Z"
},
{
"port": 587,
"protocol": "tcp",
"name": "smtp",
"version": "",
"product": "Postfix smtpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:postfix:postfix",
"part": "a",
"vendor": "postfix",
"product": "postfix",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"smtp": {
"banner": "220 www.oowoo.cc ESMTP cbdev cmail smtpd; 1752570495574@a2b80c4db2958d7cbebdcf2793a6e7d0-8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cc74c633bf9be4fbd9240d2006== xsm\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-15T15:20:11.173Z"
},
{
"port": 631,
"protocol": "tcp",
"name": "http",
"version": "1.0.0",
"product": "uc-httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:xiongmai_technologies:uc-httpd:1.0.0",
"part": "a",
"vendor": "xiongmai_technologies",
"product": "uc\\-httpd",
"version": "1\\.0\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1942612305,
"body_sha256": "475fb96f0ecbe6ae125ecbf753c5d461a697315a4c803f90260518cd94ed7049",
"component": [
"BEM",
"Adobe ColdFusion",
"CFML",
"WordPress",
"PHP",
"Ruby on Rails",
"Liveinternet",
"Django",
"Python",
"SPIP:4.1.11",
"AngularJS",
"Ruby",
"MySQL"
],
"content_length": 146347,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146347"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 20:11:03 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"webserver/0.0.0"
],
"set_cookie": [
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"sesskey=21263a2bf; path=/;",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"F5_ST=2f2f1f1665754014a-1; path=/",
"DSSignInURL=/; path=/; secure;",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"MRHSession=ffd33fd2; path=/",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains"
],
"unknown": [
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_akamai_transformed",
"value": [
"af1"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "loginip",
"value": [
"164.92.168.207"
]
},
{
"key": "x_cache_group",
"value": [
"normal"
]
},
{
"key": "x_squid_error",
"value": [
"ERR_INVALID_URL 0"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_syno_token",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_influxdb_build",
"value": [
"OSS"
]
},
{
"key": "x_served_by",
"value": [
"cache-xsp21434-XSP"
]
},
{
"key": "x_aspnetmvc_version",
"value": [
"5.2"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Tomcat"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "TnT-102GE"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"ipp": {
"printer_uris": null,
"versions": null
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:631/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T21:42:02.384Z"
},
{
"port": 993,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1234555567,
"body_sha256": "0f93a722160e9f0944ee291fe0d69cfa56e23055f06938bad02943870efccd59",
"component": [
"Liveinternet",
"Ruby on Rails",
"Ruby",
"Django",
"Python",
"WordPress",
"MySQL",
"CFML",
"SPIP:4.1.11",
"PHP",
"AngularJS",
"Adobe ColdFusion",
"BEM"
],
"content_length": 145725,
"favicon": {
"md5_hash": "44071663a97aa46640d124dd31fe7521",
"murmur_hash": 2091717113,
"path": "http://47.119.16.90:993/favicon.ico",
"size": 7659
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145725"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Fri, 11 Jul 2025 16:38:44 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"CWMP-Agent"
],
"set_cookie": [
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"MRHSession=ffd33fd2; path=/",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"UID=7400f7aab75991b599187e939d89d69c",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"PHC_DISABLED=1; path=/; secure;",
"NSC_VPNERR=4007",
"webvpn_as=; path=/; secure;",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"webvpnlogin=; path=/; secure;",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None"
],
"unknown": [
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_ibm_aspera",
"value": [
"af"
]
},
{
"key": "x_ruxit_js_agent",
"value": [
"true"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_fastcgi_cache",
"value": [
"2"
]
},
{
"key": "x_github_request_id",
"value": [
"2544:7F5D:24C5A8:296D36:5E2B2B7B"
]
},
{
"key": "loginip",
"value": [
"207.154.205.9"
]
},
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "x_timer",
"value": [
"S1579233182.306174,VS0,VE0"
]
},
{
"key": "x_amz_cf_id",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A=="
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_shopify_stage",
"value": [
"production"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
}
],
"www_authenticate": [
"Basic realm=\"Server Status\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"PbootCMS"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "User Portal"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:993/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-14T10:50:19.385Z"
},
{
"port": 995,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -209154760,
"body_sha256": "c22eaf36987a914cb97ff9258e941890d510e2215b9a6fe05a6cbbf71169b242",
"component": [
"Django",
"Python",
"MySQL",
"Liveinternet",
"BEM",
"SPIP:4.1.11",
"Adobe ColdFusion",
"CFML",
"PHP",
"AngularJS",
"WordPress",
"Ruby on Rails",
"Ruby"
],
"content_length": 146342,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146342"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 09:43:53 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Synapse"
],
"set_cookie": [
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"webvpnaac=1; path=/; secure;",
"id=A67B8F9C;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"CLIENT_ID=7214",
"DSSignInURL=/; path=/; secure;",
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"X-Qlik-Session=35263a2bf; path=/;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"F5_ST=2f2f1f1665754014a-1; path=/",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"_indexVersion=2; path=/",
"webvpn_as=; path=/; secure;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;"
],
"unknown": [
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_ibm_aspera",
"value": [
"af"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_amz_cf_id",
"value": [
"abd"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_t_location",
"value": [
"/iam"
]
},
{
"key": "loginip",
"value": [
"157.230.108.62"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_page_speed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_squid_error",
"value": [
"ERR_INVALID_URL 0"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Craft CMS"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "MKPG"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:995/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T14:22:31.682Z"
},
{
"port": 1433,
"protocol": "tcp",
"name": "unknown",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"mssql": {
"encrypt_mode": "ENCRYPT_NOT_SUP",
"instance_name": "",
"version": "15.0.4153"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T12:59:16.707Z"
},
{
"port": 1434,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 923735672,
"body_sha256": "35449f659b7d3814be974410267b0f98b7207628a04db73e142b868a7be8e3df",
"component": [
"Adobe ColdFusion",
"Amazon Web Services",
"BEM",
"MySQL",
"PHP",
"Liveinternet",
"Django",
"Python",
"Ruby",
"SPIP:4.1.11",
"WordPress",
"CFML",
"Ruby on Rails",
"Amazon CloudFront",
"AngularJS"
],
"content_length": 145767,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145767"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 14 Jul 2025 12:26:48 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"proxy_authenticate": [
"Basic realm=\"Tinyproxy\""
],
"server": [
"nPerf/2.2.6 2021-05-08"
],
"set_cookie": [
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"_csrf=ffd33fd2; path=/",
"acSamlv2Token=; path=/; secure;",
"acSamlv2Error=; path=/; secure;",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"loginName=admin",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;"
],
"unknown": [
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"tr"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_varnish",
"value": [
"336777937"
]
},
{
"key": "loginip",
"value": [
"167.99.8.127"
]
},
{
"key": "x_download_options",
"value": [
"noopen"
]
},
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
},
{
"key": "x_pingback",
"value": [
"https://example.com/xmlrpc.php"
]
},
{
"key": "x_ruxit_js_agent",
"value": [
"true"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_check",
"value": [
"3112dc4d54f8e22d666785b733b0052100c53444"
]
},
{
"key": "x_cacheable",
"value": [
"SHORT"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"www_authenticate": [
"Basic realm=\"TP-LINK Wireless N Router IPC223(P)-6\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Sails"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "DVR遠程管理系統"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:1434/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-19T04:16:08.857Z"
},
{
"port": 1883,
"protocol": "tcp",
"name": "mqtt",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T08:28:24.755Z"
},
{
"port": 1911,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1075208392,
"body_sha256": "5f74c909e5b63b775620efef7450d335c94a6d0b8a87aefa71a9e5199af0a0cd",
"component": [
"Django",
"AngularJS",
"BEM",
"Fedora",
"Liveinternet",
"Ruby on Rails",
"Adobe ColdFusion",
"PHP",
"MySQL",
"CFML",
"Python",
"Ruby",
"SPIP:4.1.11",
"WordPress"
],
"content_length": 145726,
"favicon": {
"md5_hash": "af13b379bdb4ae7a5e68d9aa4419b2e4",
"murmur_hash": 899457975,
"path": "http://47.119.16.90:1911/favicon.ico",
"size": 1406
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145726"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Fri, 11 Jul 2025 18:35:28 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Fedora"
],
"set_cookie": [
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"did=A67B8F9C;",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"akaunting_session=7b22; Path=/;",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"MRHSession=ffd33fd2; path=/",
"laravel_session=a0ffeb;"
],
"unknown": [
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_qlik_xrfkey",
"value": [
"ef00"
]
},
{
"key": "loginip",
"value": [
"46.101.110.199"
]
},
{
"key": "sec_websocket_accept",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_influxdb_version",
"value": [
"v2.7.5"
]
},
{
"key": "x_shopify_stage",
"value": [
"production"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "access_control_expose_headers",
"value": [
"mcp-session-id"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "x_amz_cf_pop",
"value": [
"MAA50-C1"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_graylog_node_id",
"value": [
"97"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_sucuri_id",
"value": [
"67"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
},
{
"key": "x_nananana",
"value": [
"Batcache"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_cache_hits",
"value": [
"0"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_fw_server",
"value": [
"Flywheel"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_template",
"value": [
"tpl_CleanPeppermintBlack_twoclick"
]
}
],
"www_authenticate": [
"Basic realm=\"[RTX1210]\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"blade-"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "Mautic"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:1911/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-14T12:34:06.092Z"
},
{
"port": 2181,
"protocol": "tcp",
"name": "http",
"version": "1.4.35",
"product": "lighttpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:lighttpd:lighttpd:1.4.35",
"part": "a",
"vendor": "lighttpd",
"product": "lighttpd",
"version": "1\\.4\\.35",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1585116220,
"body_sha256": "7a577a4ed912eb1f4cc60629d69806808263834a52a68c1054ef042e9be64c22",
"component": [
"AngularJS",
"CFML",
"Liveinternet",
"Django",
"Python",
"Adobe ColdFusion",
"MySQL",
"BEM",
"Ruby on Rails",
"Ruby",
"WordPress",
"PHP",
"SPIP:4.1.11"
],
"content_length": 146336,
"favicon": {
"md5_hash": "9b71349660a2170717ff6a84f9de12a1",
"murmur_hash": 939607277,
"path": "http://47.119.16.90:2181/favicon.ico",
"size": 2340
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146336"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 19 Jul 2025 06:31:43 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"CP=CAO PSA OUR"
],
"pragma": [
"private"
],
"server": [
"SDK 4.2.0.0 UPnP/1.0 MiniUPnPd/1.6"
],
"set_cookie": [
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"acSamlv2Token=; path=/; secure;",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;",
"NSC_VPNERR=4007",
"roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"token=21263a2bf; path=/;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"DSSignInURL=/; path=/; secure;",
"CLIENT_ID=7214",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"AUTHSID=7400f7aab75991b599187e939d89d69c",
"MRHSession=ffd33fd2; path=/",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly"
],
"unknown": [
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_cache_enabled",
"value": [
"False"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_src_webcache",
"value": [
"fe05"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "cf_ray",
"value": [
"55611f709b975f5b-LAS"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_via_fastly",
"value": [
"5"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "loginip",
"value": [
"24.144.109.15"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_akamai_transformed",
"value": [
"af1"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_request_id",
"value": [
"ecff8573-23ca-4dbc-a0a9-e8af7876c4ae"
]
},
{
"key": "x_fastly_request_id",
"value": [
"135"
]
},
{
"key": "x_qlik_xrfkey",
"value": [
"ef00"
]
},
{
"key": "x_gocache_cachestatus",
"value": [
"ok"
]
},
{
"key": "x_graylog_node_id",
"value": [
"97"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Next.js"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Hexo"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2015-3200",
"severity": "high"
},
{
"id": "CVE-2018-19052",
"severity": "high"
},
{
"id": "CVE-2019-11072",
"severity": "critical"
}
],
"url": "https://47.119.16.90:2181/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-19T06:32:09.211Z"
},
{
"port": 2525,
"protocol": "tcp",
"name": "smtp",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"smtp": {
"banner": "220 www.oowoo.cc ESMTP Microsoft ESMTP MAIL Service; 1752511395781@a2b80c4db2958d7cbebdcf2793a6e7d0-8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4c979c63fb49be7fddd240e2506== xsm\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-14T16:43:25.045Z"
},
{
"port": 3306,
"protocol": "tcp",
"name": "mysql",
"version": "5.7.31",
"product": "MySQL",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mysql:mysql:5.7.31",
"part": "a",
"vendor": "mysql",
"product": "mysql",
"version": "5\\.7\\.31",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"mysql": {
"capability_flags": {
"CLIENT_COMPRESS": true,
"CLIENT_CONNECT_WITH_DB": true,
"CLIENT_FOUND_ROWS": true,
"CLIENT_IGNORE_SIGPIPE": true,
"CLIENT_IGNORE_SPACE": true,
"CLIENT_INTERACTIVE": true,
"CLIENT_LOCAL_FILES": true,
"CLIENT_LONG_FLAG": true,
"CLIENT_LONG_PASSWORD": true,
"CLIENT_MULTI_RESULTS": true,
"CLIENT_MULTI_STATEMENTS": true,
"CLIENT_NO_SCHEMA": true,
"CLIENT_ODBC": true,
"CLIENT_PLUGIN_AUTH": true,
"CLIENT_PROTOCOL_41": true,
"CLIENT_PS_MULTI_RESULTS": true,
"CLIENT_RESERVED": true,
"CLIENT_SECURE_CONNECTION": true,
"CLIENT_TRANSACTIONS": true
},
"protocol_version": 10,
"version": "5.7.31"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-10T15:15:55.304Z"
},
{
"port": 5000,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -280979079,
"body_sha256": "f860e4bf6c38017e0c4eeb2978fe21ca7326aa845969acec083c7c6b2418216f",
"component": [
"Django",
"Python",
"Ruby on Rails",
"SPIP:4.1.11",
"MySQL",
"PHP",
"Liveinternet",
"Ruby",
"BEM",
"Adobe ColdFusion",
"AngularJS",
"Mojolicious",
"Perl",
"WordPress",
"CFML"
],
"content_length": 145550,
"favicon": {
"md5_hash": "6220f00b190723200494ffaa4dc8c00a",
"murmur_hash": 1592926977,
"path": "http://47.119.16.90:5000/favicon.ico",
"size": 7457
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145550"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 06 Jul 2025 02:22:51 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"CP=CAO PSA OUR"
],
"pragma": [
"private"
],
"server": [
"Mojolicious"
],
"set_cookie": [
"webvpn_as=; path=/; secure;",
"DSSignInURL=/; path=/; secure;",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"did=A67B8F9C;",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"webvpnaac=1; path=/; secure;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"samlPreauthSessionHash=; path=/; secure;",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;"
],
"unknown": [
{
"key": "x_adblock_key",
"value": [
"23"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_influxdb_version",
"value": [
"v2.7.5"
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "x_page_speed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_sorting_hat_podid",
"value": [
"80"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_amz_cf_pop",
"value": [
"MAA50-C1"
]
},
{
"key": "host_header",
"value": [
"6d77dd967d63c3104bced1db0cace49c"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_ruxit_js_agent",
"value": [
"true"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "loginip",
"value": [
"165.227.163.149"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "cf_ray",
"value": [
"55611f709b975f5b-LAS"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
},
{
"key": "x_language",
"value": [
"english"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"PbootCMS"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "IPDoor"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "802F714C70E3D9D9EBE1B8C20A4C128D",
"fingerprint_sha1": "1B6AB425BF5AE3AFF99A1CA3E0C7F451EC4DD32E",
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "8822724042062345797",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d554646d6ab0c88b64359e5e41f000a44a90aabd65776b55a04e8fe7ae7aca2d",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "d946afb99860745c1ae2736253370e8fc90f61754e0424425518ac83903f730f",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-04T11:34:29",
"not_before": "2025-07-04T11:34:29"
},
"version": 2
},
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:5000/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-15T05:02:13.903Z"
},
{
"port": 5060,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T13:32:00.939Z"
},
{
"port": 5432,
"protocol": "tcp",
"name": "unknown",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T09:48:57.26Z"
},
{
"port": 5671,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"http": {
"body_murmur": -518335594,
"body_sha256": "93c309dc609ec3f847c5079e62dd2e0652e15eb10c46a9d058708c6abd55e87c",
"component": [
"Django",
"Adobe ColdFusion",
"Liveinternet",
"AngularJS",
"BEM",
"Ruby on Rails",
"Ruby",
"SPIP:4.1.11",
"CFML",
"Python",
"MySQL",
"WordPress",
"PHP"
],
"content_length": 145576,
"favicon": {
"md5_hash": "b89adb697c786ef4c9553d2caf9fc409",
"murmur_hash": -17306567,
"path": "http://47.119.16.90:5671/favicon.ico",
"size": 827
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145576"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Tue, 08 Jul 2025 05:44:46 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"proxy_authenticate": [
"Basic realm=\"Tinyproxy\""
],
"server": [
"kngx/1.10.2"
],
"set_cookie": [
"did=A67B8F9C;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"SUPPORTCHROMEOS=1; path=/; secure;",
"webvpnlogin=; path=/; secure;",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"F5_ST=2f2f1f1665754014a-1; path=/",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"token=21263a2bf; path=/;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;"
],
"unknown": [
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_influxdb_build",
"value": [
"OSS"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_via_fastly",
"value": [
"5"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_fastcgi_cache",
"value": [
"2"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_fastly_request_id",
"value": [
"ed15bdb8f4d9179ebe5b6b8441d6148a4a8e213f"
]
},
{
"key": "x_azure_ref",
"value": [
"v23"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "loginip",
"value": [
"167.172.153.6"
]
},
{
"key": "x_adblock_key",
"value": [
"YQo="
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "x_root",
"value": [
"root"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Xeora"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Vodafone ADSL Router"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
}
},
"url": "http://47.119.16.90:5671/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T12:40:40.642Z"
},
{
"port": 5984,
"protocol": "tcp",
"name": "http",
"version": "8.5",
"product": "Microsoft IIS httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:microsoft:internet_information_services:8.5",
"part": "a",
"vendor": "microsoft",
"product": "internet_information_services",
"version": "8\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:vmware:ESXi:6.5.0",
"part": "o",
"vendor": "vmware",
"product": "esxi",
"version": "6\\.5\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"couchdb": {
"databases": [
"_replicator",
"_users",
"admin",
"passwords",
"core-configuration",
"core-locales",
"core-photos",
"core-tasks",
"fml",
"mcx",
"mlkvljnah",
"mllbqddlikk",
"mzpp",
"nsjl",
"oqulw",
"pmbt",
"qys",
"todv",
"user00230",
"user00400",
"user02030",
"user02212",
"user03200",
"user21212",
"user22100",
"user22402",
"user23122",
"user23213",
"user23421",
"user24022",
"user31210",
"user33212",
"user33233",
"user40114",
"user40430",
"user42341",
"vfl",
"wryknmigdtx",
"wtpl"
],
"version": "1.6.1"
},
"http": {
"body_murmur": 1033467107,
"body_sha256": "84c1b0de24fe7c380a9eaf1a23043033d282cce52b3143f99ba221bf5ccc95c8",
"component": [
"CouchDB:1.6.1",
"Erlang: otp/17"
],
"content_length": 32,
"favicon": {
"md5_hash": "44071663a97aa46640d124dd31fe7521",
"murmur_hash": 2091717113,
"path": "http://47.119.16.90:5984/favicon.ico",
"size": 7659
},
"headers": {
"content_length": [
"32"
],
"content_type": [
"application/json"
],
"date": [
"Sat, 19 Jul 2025 05:38:52 GMT"
],
"server": [
"CouchDB/1.6.1 (Erlang OTP/17)"
]
},
"protocol": "HTTP/1.1",
"status_code": 200
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2014-4078",
"severity": "medium"
},
{
"id": "CVE-2022-31681",
"severity": "medium"
},
{
"id": "CVE-2023-29552",
"severity": "high"
}
],
"url": "https://47.119.16.90:5984/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-19T05:39:18.478Z"
},
{
"port": 6000,
"protocol": "tcp",
"name": "http",
"version": "10.2.2",
"product": "CherryPy httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:cherrypy:cherrypy:10.2.2",
"part": "a",
"vendor": "cherrypy",
"product": "cherrypy",
"version": "10\\.2\\.2",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1750689942,
"body_sha256": "7b3c89ca903ed32e3c9bd32e062e8cc6f67931664f340db13c81d0f7032964ef",
"component": [
"SPIP:4.1.11",
"CFML",
"Liveinternet",
"Ruby",
"Python",
"Ruby on Rails",
"Django",
"WordPress",
"PHP",
"BEM",
"AngularJS",
"Adobe ColdFusion",
"MySQL"
],
"content_length": 146349,
"favicon": {
"md5_hash": "1dcc55aa6f973801b0252f6304e6dc1c",
"murmur_hash": -1750461220,
"path": "http://47.119.16.90:6000/favicon.ico",
"size": 6772
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146349"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 18:51:29 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\""
],
"pragma": [
"private"
],
"server": [
"Evernote/1.0"
],
"set_cookie": [
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"_csrf=ffd33fd2; path=/",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"cepcAdminID=25263a2bf; path=/;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"loginName=admin",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"webvpn_as=; path=/; secure;",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"rememberMe=deleteMe; path=/;",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly"
],
"unknown": [
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "cf_cache_status",
"value": [
"DYNAMIC"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_served_by",
"value": [
"cache-xsp21434-XSP"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_seen_by",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==,YQo=,YQo=,YQo=,YQo=,YQo=,YQo="
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_sucuri_id",
"value": [
"67"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_ne_tf",
"value": [
"5"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_sucuri_cache",
"value": [
"tru"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_qlik_xrfkey",
"value": [
"ef00"
]
},
{
"key": "loginip",
"value": [
"165.227.148.159"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_ruxit_js_agent",
"value": [
"true"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"PHP/5.6.40"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "UW-303VPW"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:6000/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T01:08:33.395Z"
},
{
"port": 6379,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "PHP 5.6.40",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:php:php:5.6.40",
"part": "a",
"vendor": "php",
"product": "php",
"version": "5\\.6\\.40",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"cve": [
{
"id": "CVE-2007-3205",
"severity": "medium"
},
{
"id": "CVE-2015-9253",
"severity": "medium"
},
{
"id": "CVE-2017-7272",
"severity": "high"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T15:43:40.712Z"
},
{
"port": 6443,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -104074792,
"body_sha256": "485990034c853115e777e4aa06a20bc18404c635608a7e941c4284c8bca687a8",
"component": [
"Django",
"Adobe ColdFusion",
"Liveinternet",
"WordPress",
"PHP",
"Ruby on Rails",
"MySQL",
"Microsoft ASP.NET",
"Python",
"CFML",
"AngularJS",
"BEM",
"Ruby",
"SPIP:4.1.11"
],
"content_length": 146834,
"favicon": {
"md5_hash": "9b71349660a2170717ff6a84f9de12a1",
"murmur_hash": 939607277,
"path": "http://47.119.16.90:6443/favicon.ico",
"size": 2340
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146834"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 21 Jul 2025 15:58:52 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"SRS/4.0.198(Leo)"
],
"set_cookie": [
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"rememberMe=deleteMe; path=/;",
"acSamlv2Token=; path=/; secure;",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"webvpn_as=; path=/; secure;",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"_indexVersion=2; path=/",
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;",
"UID=7400f7aab75991b599187e939d89d69c"
],
"unknown": [
{
"key": "cf_cache_status",
"value": [
"DYNAMIC"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_kubernetes_pf_flowschema_uid",
"value": [
"34"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_flow_powered",
"value": [
"Flow"
]
},
{
"key": "x_src_webcache",
"value": [
"fe05"
]
},
{
"key": "x_via_fastly",
"value": [
"5"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_timer",
"value": [
"S1579233182.306174,VS0,VE0"
]
},
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "access_control_expose_headers",
"value": [
"mcp-session-id"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "loginip",
"value": [
"134.209.230.218"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Fat-Free Framework"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "电子文档安全管理系统"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:6443/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T15:59:19.99Z"
},
{
"port": 7574,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"http": {
"body_murmur": -327587479,
"body_sha256": "827213f418deddd302200ce1c04cf856366a36149dcc6774d5c747b18a6500fd",
"component": [
"Amazon Web Services",
"Adobe ColdFusion",
"Liveinternet",
"AngularJS",
"Amazon CloudFront",
"CFML",
"WordPress",
"BEM",
"Python",
"Ruby",
"SPIP:4.1.11",
"Ruby on Rails",
"MySQL",
"PHP",
"Django"
],
"content_length": 145756,
"favicon": {
"md5_hash": "77b2f4c09890ab658a72c4bad8c1077b",
"murmur_hash": 1924358485,
"path": "http://47.119.16.90:7574/favicon.ico",
"size": 1630
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145756"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 13 Jul 2025 19:51:23 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\""
],
"pragma": [
"private"
],
"server": [
"Neobox Web Server"
],
"set_cookie": [
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"_indexVersion=2; path=/",
"rememberMe=deleteMe; path=/;",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"webvpnlogin=; path=/; secure;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"webvpn_as=; path=/; secure;",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"SESSID=22363a2bf; path=/;",
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"UID=7400f7aab75991b599187e939d89d69c",
"CLIENT_ID=7214",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"acSamlv2Token=; path=/; secure;"
],
"unknown": [
{
"key": "loginip",
"value": [
"167.99.8.127"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_influxdb_version",
"value": [
"v2.7.5"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_amz_cf_pop",
"value": [
"MAA50-C1"
]
},
{
"key": "x_github_request_id",
"value": [
"2544:7F5D:24C5A8:296D36:5E2B2B7B"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
},
{
"key": "x_litespeed_cache",
"value": [
"hit"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_check",
"value": [
"3112dc4d54f8e22d666785b733b0052100c53444"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_wix_request_id",
"value": [
"1579229867.6801399"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_sorting_hat_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
}
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"ASP.NET"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "DIR-X1860Z"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:7574/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T06:33:14.674Z"
},
{
"port": 8086,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1952979010,
"body_sha256": "143464a48378caba2d22a071aaf64f41f7501c9caab9165d2ee41a3dd721b536",
"component": [
"Adobe ColdFusion",
"Django",
"WordPress",
"MySQL",
"Python",
"AngularJS",
"Ruby",
"SPIP:4.1.11",
"BEM",
"PHP",
"Ruby on Rails",
"Liveinternet",
"CFML"
],
"content_length": 146274,
"favicon": {
"md5_hash": "9b71349660a2170717ff6a84f9de12a1",
"murmur_hash": 939607277,
"path": "http://47.119.16.90:8086/favicon.ico",
"size": 2340
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146274"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Thu, 17 Jul 2025 18:44:38 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"CP=CAO PSA OUR"
],
"pragma": [
"private"
],
"proxy_authenticate": [
"Basic realm=\"Tinyproxy\""
],
"server": [
"KazaaClient"
],
"set_cookie": [
"UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"DSSignInURL=/; path=/; secure;",
"X-Qlik-Session=35263a2bf; path=/;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"SESSID=22363a2bf; path=/;",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"AUTHSID=7400f7aab75991b599187e939d89d69c",
"roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"fsm_u=admin; Path=/;",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"_indexVersion=2; path=/",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;"
],
"unknown": [
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_now_trace",
"value": [
"true"
]
},
{
"key": "x_shopify_stage",
"value": [
"production"
]
},
{
"key": "loginip",
"value": [
"164.92.168.207"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "access_control_expose_headers",
"value": [
"mcp-session-id"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
},
{
"key": "x_tractor_stun",
"value": [
"4"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_squid_error",
"value": [
"ERR_INVALID_URL 0"
]
},
{
"key": "x_page_speed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_t_location",
"value": [
"/iam"
]
},
{
"key": "x_app_server",
"value": [
"app07"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_bubble_capacity_used",
"value": [
"true"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"www_authenticate": [
"Basic realm=\"TP-LINK AC1200 Wireless Dual Band Gigabit Router Archer C5\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"blade-"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "ZXHN H267A V1.0"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:8086/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-17T19:09:06.417Z"
},
{
"port": 8087,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"http": {
"body_murmur": -867264091,
"body_sha256": "fd535a44e3db57ef438af583b32007735799c9c12ce786af62caaffcfe6d35df",
"component": [
"BEM",
"PHP",
"Ruby",
"Python",
"Adobe ColdFusion",
"Liveinternet",
"Django",
"CFML",
"WordPress",
"MySQL",
"Ruby on Rails",
"SPIP:4.1.11",
"AngularJS"
],
"content_length": 145547,
"favicon": {
"md5_hash": "c3ee66d45636052a69bab53600f2f878",
"murmur_hash": 362091310,
"path": "http://47.119.16.90:8087/favicon.ico",
"size": 2086
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145547"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 05 Jul 2025 07:43:59 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"PDR-Jseries"
],
"set_cookie": [
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"cepcAdminID=25263a2bf; path=/;",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"rememberMe=deleteMe; path=/;",
"webvpnlogin=; path=/; secure;",
"LastMRH_Session=ffd33fd2; path=/",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"MRHSession=ffd33fd2; path=/",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"webvpn_as=; path=/; secure;",
"SESSID=22363a2bf; path=/;"
],
"unknown": [
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_wix_request_id",
"value": [
"1579229867.6801399"
]
},
{
"key": "loginip",
"value": [
"134.209.68.233"
]
},
{
"key": "x_sucuri_id",
"value": [
"67"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_fastcgi_cache",
"value": [
"2"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"tr"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_language",
"value": [
"english"
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_seen_by",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==,YQo=,YQo=,YQo=,YQo=,YQo=,YQo="
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_gocache_cachestatus",
"value": [
"ok"
]
},
{
"key": "x_fastly_request_id",
"value": [
"ed15bdb8f4d9179ebe5b6b8441d6148a4a8e213f"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Nette Framework"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "ZXECS"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "802F714C70E3D9D9EBE1B8C20A4C128D",
"fingerprint_sha1": "1B6AB425BF5AE3AFF99A1CA3E0C7F451EC4DD32E",
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "8822724042062345797",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d554646d6ab0c88b64359e5e41f000a44a90aabd65776b55a04e8fe7ae7aca2d",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "d946afb99860745c1ae2736253370e8fc90f61754e0424425518ac83903f730f",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-04T11:34:29",
"not_before": "2025-07-04T11:34:29"
},
"version": 2
},
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:8087/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T18:02:15.364Z"
},
{
"port": 8500,
"protocol": "tcp",
"name": "http",
"version": "0.8.3",
"product": "Werkzeug httpd",
"extra_info": "Python 2.6.3",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:python:python:2.6.3",
"part": "a",
"vendor": "python",
"product": "python",
"version": "2\\.6\\.3",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"consul": {
"build_date": "2024-10-14T20:52:01Z",
"datacenter": "dc1",
"node_id": "e5ad94e9-c381-5717-4b0c-2166fc0bb30b",
"node_name": "lvmkl",
"primary_datacenter": "dc1",
"revision": "cddc6181",
"server": true,
"version": "1.20.0"
},
"http": {
"body_murmur": 1222848861,
"body_sha256": "7290b0166dd4b57d8218459f0603864fe53c9d37bb7789faa9a88b420ceb2b3c",
"component": [
"Python",
"PHP",
"AngularJS",
"Ruby on Rails",
"MySQL",
"Adobe ColdFusion",
"Ruby",
"SPIP:4.1.11",
"BEM",
"Django",
"WordPress",
"CFML",
"Liveinternet"
],
"content_length": 145776,
"favicon": {
"md5_hash": "9b71349660a2170717ff6a84f9de12a1",
"murmur_hash": 939607277,
"path": "http://47.119.16.90:8500/favicon.ico",
"size": 2340
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145776"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 14 Jul 2025 15:08:25 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"RemObjects SDK for .NET HTTP Server/5.0"
],
"set_cookie": [
"UID=7400f7aab75991b599187e939d89d69c",
"AUTHSID=7400f7aab75991b599187e939d89d69c",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;",
"id=A67B8F9C;",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"DSSignInURL=/; path=/; secure;",
"_csrf=ffd33fd2; path=/",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"acSamlv2Error=; path=/; secure;",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"rememberMe=deleteMe; path=/;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"sesskey=21263a2bf; path=/;",
"did=A67B8F9C;",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;"
],
"unknown": [
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "loginip",
"value": [
"104.248.132.38"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"tr"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_ac",
"value": [
"3.bur _bur"
]
},
{
"key": "x_amz_cf_pop",
"value": [
"MAA50-C1"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_adblock_key",
"value": [
"23"
]
},
{
"key": "x_influxdb_build",
"value": [
"OSS"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Xeora"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Ewon - Cargando..."
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2007-4559",
"severity": "medium"
},
{
"id": "CVE-2008-5983",
"severity": "medium"
},
{
"id": "CVE-2010-1634",
"severity": "medium"
}
],
"url": "https://47.119.16.90:8500/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-14T19:22:48.699Z"
},
{
"port": 8883,
"protocol": "tcp",
"name": "mqtt",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "ssl",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T04:00:49.763Z"
},
{
"port": 8983,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"http": {
"body_murmur": -1688594331,
"body_sha256": "e28ecb951d5a56243291465fb4d2cc578037cd41292b8865e65840d8d0d2032e",
"component": [
"Django",
"Adobe ColdFusion",
"Ruby on Rails",
"Ruby",
"PHP",
"MySQL",
"WordPress",
"Python",
"CFML",
"Liveinternet",
"BEM",
"SPIP:4.1.11",
"AngularJS"
],
"content_length": 145787,
"favicon": {
"md5_hash": "b5c66b07a742597376263bb23fc11b15",
"murmur_hash": 444712798,
"path": "http://47.119.16.90:8983/favicon.ico",
"size": 5506
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145787"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 13 Jul 2025 17:41:42 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\""
],
"pragma": [
"private"
],
"server": [
"SuperSign"
],
"set_cookie": [
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"did=A67B8F9C;",
"LastMRH_Session=ffd33fd2; path=/",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;",
"acSamlv2Token=; path=/; secure;",
"X-Qlik-Session=35263a2bf; path=/;",
"acSamlv2Error=; path=/; secure;",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly",
"_csrf=ffd33fd2; path=/",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;"
],
"unknown": [
{
"key": "x_pingback",
"value": [
"https://example.com/xmlrpc.php"
]
},
{
"key": "access_control_expose_headers",
"value": [
"mcp-session-id"
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "x_bubble_capacity_used",
"value": [
"true"
]
},
{
"key": "x_cmd_response",
"value": [
"root"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "host_header",
"value": [
"6d77dd967d63c3104bced1db0cace49c"
]
},
{
"key": "x_app_server",
"value": [
"app07"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"tr"
]
},
{
"key": "x_check",
"value": [
"3112dc4d54f8e22d666785b733b0052100c53444"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "x_proxy_cache",
"value": [
"MISS"
]
},
{
"key": "x_shopify_stage",
"value": [
"production"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "x_bubble_capacity_limit",
"value": [
"12"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "loginip",
"value": [
"167.99.230.208"
]
},
{
"key": "x_akamai_transformed",
"value": [
"af1"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_timer",
"value": [
"S1579233182.306174,VS0,VE0"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"TwistPHP"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "ARX - Synology DiskStation"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:8983/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T11:28:36.093Z"
},
{
"port": 9042,
"protocol": "tcp",
"name": "http",
"version": "10",
"product": "JBoss WildFly Application Server",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:redhat:jboss_wildfly_application_server:10",
"part": "a",
"vendor": "redhat",
"product": "jboss_wildfly_application_server",
"version": "10",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:vmware:Admin:nil",
"part": "o",
"vendor": "vmware",
"product": "admin",
"version": "nil",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -757599849,
"body_sha256": "a867cb790916ba299ce67be2446cbff9c0c2494ee73bab270d3b6a23f839af7d",
"component": [
"WordPress",
"PHP",
"Liveinternet",
"Ruby",
"BEM",
"Ruby on Rails",
"SPIP:4.1.11",
"AngularJS",
"CFML",
"Python",
"Django",
"Adobe ColdFusion",
"MySQL"
],
"content_length": 146287,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146287"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Thu, 17 Jul 2025 22:07:56 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"WebSockifyPython/2.7.5"
],
"set_cookie": [
"LastMRH_Session=ffd33fd2; path=/",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"fsm_u=admin; Path=/;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"NSC_VPNERR=4007",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly"
],
"unknown": [
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_amz_cf_id",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A=="
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_server_powered_by",
"value": [
"Engintron"
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_cocoon_version",
"value": [
"13"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "loginip",
"value": [
"164.92.168.207"
]
},
{
"key": "x_timer",
"value": [
"S1579233182.306174,VS0,VE0"
]
},
{
"key": "x_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "sec_websocket_accept",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_ne_tf",
"value": [
"5"
]
},
{
"key": "x_squid_error",
"value": [
"ERR_INVALID_URL 0"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_fw_server",
"value": [
"Flywheel"
]
},
{
"key": "x_kubernetes_pf_flowschema_uid",
"value": [
"34"
]
},
{
"key": "access_control_expose_headers",
"value": [
"mcp-session-id"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Xeora"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "HP OfficeJet Pro 9010 series"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2016-9589",
"severity": "high"
}
],
"url": "https://47.119.16.90:9042/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-17T22:08:22.888Z"
},
{
"port": 9092,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1298256687,
"body_sha256": "33502466b5d3e63e19240afc07099cd2ee5f41eb62b0d21ee6407cbaaa134182",
"component": [
"Liveinternet",
"AngularJS",
"BEM",
"SPIP:4.1.11",
"Amazon Web Services",
"PHP",
"Django",
"CFML",
"WordPress",
"Ruby on Rails",
"Python",
"Ruby",
"Amazon CloudFront",
"Adobe ColdFusion",
"MySQL"
],
"content_length": 145727,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145727"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Fri, 11 Jul 2025 11:30:31 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"alphapd"
],
"set_cookie": [
"webvpn_as=; path=/; secure;",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax",
"token=21263a2bf; path=/;",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"SUPPORTCHROMEOS=1; path=/; secure;",
"UID=7400f7aab75991b599187e939d89d69c",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"acSamlv2Error=; path=/; secure;",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"id=A67B8F9C;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"samlPreauthSessionHash=; path=/; secure;"
],
"unknown": [
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_pingback",
"value": [
"https://example.com/xmlrpc.php"
]
},
{
"key": "x_cache_hits",
"value": [
"0"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_bubble_capacity_used",
"value": [
"true"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_influxdb_build",
"value": [
"OSS"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_confluence_request_time",
"value": [
"1698802372064"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"tr"
]
},
{
"key": "x_request_id",
"value": [
"ecff8573-23ca-4dbc-a0a9-e8af7876c4ae"
]
},
{
"key": "x_aspnetmvc_version",
"value": [
"5.2"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"NONE from ezproxies.com:3128"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_server_powered_by",
"value": [
"Engintron"
]
},
{
"key": "loginip",
"value": [
"161.35.221.104"
]
},
{
"key": "x_influxdb_version",
"value": [
"v2.7.5"
]
}
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"CentOS"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Accesso"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:9092/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-14T11:23:22.902Z"
},
{
"port": 9093,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1088138091,
"body_sha256": "8a19edfeeeffa044443f9452bfce92de5a741b809c283a35ef231bb64032e8c7",
"component": [
"Ruby",
"AngularJS",
"Django",
"BEM",
"CFML",
"Ruby on Rails",
"SPIP:4.1.11",
"WordPress",
"MySQL",
"Python",
"Adobe ColdFusion",
"PHP",
"Liveinternet"
],
"content_length": 145553,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145553"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Fri, 04 Jul 2025 23:43:49 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"ttyd/1.6.3(libwebsockets/4.3.2-419f7c7)"
],
"set_cookie": [
"token=21263a2bf; path=/;",
"acSamlv2Token=; path=/; secure;",
"F5_ST=2f2f1f1665754014a-1; path=/",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"sesskey=21263a2bf; path=/;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"rememberMe=deleteMe; path=/;",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;",
"DSSignInURL=/; path=/; secure;",
"NSC_VPNERR=4007",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"fsm_u=admin; Path=/;"
],
"unknown": [
{
"key": "x_akamai_transformed",
"value": [
"af1"
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "loginip",
"value": [
"134.209.68.233"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_via_fastly",
"value": [
"5"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "x_squid_error",
"value": [
"ERR_INVALID_URL 0"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"php"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "DSL_2640NRU"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "802F714C70E3D9D9EBE1B8C20A4C128D",
"fingerprint_sha1": "1B6AB425BF5AE3AFF99A1CA3E0C7F451EC4DD32E",
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "8822724042062345797",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d554646d6ab0c88b64359e5e41f000a44a90aabd65776b55a04e8fe7ae7aca2d",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "d946afb99860745c1ae2736253370e8fc90f61754e0424425518ac83903f730f",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-04T11:34:29",
"not_before": "2025-07-04T11:34:29"
},
"version": 2
},
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:9093/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T17:06:54.209Z"
},
{
"port": 9200,
"protocol": "tcp",
"name": "http",
"version": "2.4.27",
"product": "Apache httpd",
"extra_info": "(Unix) OpenSSL/1.0.2k",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server:2.4.27",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "2\\.4\\.27",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"elasticsearch": {
"index": [
{
"count": "16051803",
"name": "logs-2024",
"size": "4.9gb"
},
{
"count": "10248228",
"name": "logs-2023",
"size": "3.2gb"
},
{
"count": "4629250332",
"name": "data-2024",
"size": "6.4tb"
}
],
"info": {
"cluster_name": "elasticsearch",
"cluster_uuid": "",
"name": "Blob",
"tagline": "You Know, for Search",
"version": {
"build_hash": "05d4530971ef0ea46d0f4fa6ee64dbc8df659682",
"lucene_version": "4.10.4",
"number": "1.7.3"
}
}
},
"http": {
"body_murmur": 1589257397,
"body_sha256": "3db479be0c09198605e2f8c1cc34676a4954f80aacfd0c0a21aea11ef115e847",
"content_length": 316,
"favicon": {
"md5_hash": "c87bab9d4a9129f7d2e97044dbae6793",
"murmur_hash": -399311436,
"path": "http://47.119.16.90:9200/favicon.ico",
"size": 4286
},
"headers": {
"accept_ranges": [
"bytes"
],
"content_disposition": [
"Content-Disposition"
],
"content_length": [
"316"
],
"content_type": [
"application/json"
],
"date": [
"Sat, 12 Jul 2025 01:54:20 GMT"
],
"pragma": [
"private"
],
"server": [
"nPerf/2.2.0 2019-04-02"
],
"set_cookie": [
"SESSID=da122263a2bd; webvpnLang=webvpnLang"
],
"unknown": [
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
}
],
"x_powered_by": [
"PHP/4.6.0"
]
},
"protocol": "HTTP/1.1",
"status_code": 200
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2006-20001",
"severity": "high"
},
{
"id": "CVE-2017-15710",
"severity": "high"
},
{
"id": "CVE-2017-15715",
"severity": "high"
}
],
"url": "https://47.119.16.90:9200/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-12T01:54:53.315Z"
},
{
"port": 10250,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1901713727,
"body_sha256": "56b8f0ede270983f505b8b7172a44a1a4aebe7ac0328d0367553781fd2f6b5d0",
"component": [
"CFML",
"AngularJS",
"BEM",
"Python",
"PHP",
"Ruby on Rails",
"Django",
"MySQL",
"Ruby",
"Adobe ColdFusion",
"WordPress",
"SPIP:4.1.11",
"Liveinternet"
],
"content_length": 145554,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145554"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 05 Jul 2025 10:40:43 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\""
],
"pragma": [
"private"
],
"server": [
"NBB-414"
],
"set_cookie": [
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"rememberMe=deleteMe; path=/;",
"_indexVersion=2; path=/",
"NSC_VPNERR=4007",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"MISESSID=22363a2bf; path=/mi;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"cepcAdminID=25263a2bf; path=/;",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"DSSignInURL=/; path=/; secure;",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"samlPreauthSessionHash=; path=/; secure;",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax"
],
"unknown": [
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_influxdb_build",
"value": [
"OSS"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_adblock_key",
"value": [
"YQo="
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_shopify_generated_cart_token",
"value": [
"aa1b6d68e41056d2955ae9e6fb516372"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_qlik_xrfkey",
"value": [
"ef00"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"NONE from ezproxies.com:3128"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_template",
"value": [
"tpl_CleanPeppermintBlack_twoclick"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_fastly_request_id",
"value": [
"135"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_t_location",
"value": [
"/iam"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_sucuri_cache",
"value": [
"tru"
]
},
{
"key": "x_cmd_response",
"value": [
"root"
]
},
{
"key": "loginip",
"value": [
"167.172.185.51"
]
},
{
"key": "x_akaunting",
"value": [
"Free Accounting Software"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_bubble_capacity_limit",
"value": [
"12"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Sails"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "中国电信"
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "802F714C70E3D9D9EBE1B8C20A4C128D",
"fingerprint_sha1": "1B6AB425BF5AE3AFF99A1CA3E0C7F451EC4DD32E",
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "8822724042062345797",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d554646d6ab0c88b64359e5e41f000a44a90aabd65776b55a04e8fe7ae7aca2d",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "d946afb99860745c1ae2736253370e8fc90f61754e0424425518ac83903f730f",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-04T11:34:29",
"not_before": "2025-07-04T11:34:29"
},
"version": 2
},
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:10250/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-14T04:58:15.546Z"
},
{
"port": 11211,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1334692337,
"body_sha256": "979d1affe03b640f36972c5ba65b7d98bc03753a1ccd3d8d93bb0b12435b1623",
"component": [
"GoAhead",
"AngularJS",
"MySQL",
"Ruby",
"Python",
"PHP",
"BEM",
"SPIP:4.1.11",
"WordPress",
"Ruby on Rails",
"Django",
"Liveinternet",
"Adobe ColdFusion",
"CFML"
],
"content_length": 145565,
"favicon": {
"md5_hash": "c3ee66d45636052a69bab53600f2f878",
"murmur_hash": 362091310,
"path": "http://47.119.16.90:11211/favicon.ico",
"size": 2086
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145565"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 07 Jul 2025 21:36:58 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Goahead/2.5.0 PeerSec-MatrixSSL/3.2.1-OPEN"
],
"set_cookie": [
"samlPreauthSessionHash=; path=/; secure;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"acSamlv2Token=; path=/; secure;",
"CLIENT_ID=7214",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"LastMRH_Session=ffd33fd2; path=/",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"SESSID=22363a2bf; path=/;",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"PHC_DISABLED=1; path=/; secure;",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"akaunting_session=7b22; Path=/;",
"webvpnlogin=; path=/; secure;",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;"
],
"unknown": [
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_kubernetes_pf_flowschema_uid",
"value": [
"34"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_robots_tag",
"value": [
"none"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_github_request_id",
"value": [
"2544:7F5D:24C5A8:296D36:5E2B2B7B"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_proxy_cache",
"value": [
"MISS"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_litespeed_cache",
"value": [
"hit"
]
},
{
"key": "host_header",
"value": [
"6d77dd967d63c3104bced1db0cace49c"
]
},
{
"key": "loginip",
"value": [
"167.172.153.6"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "nel",
"value": [
"{'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}"
]
},
{
"key": "sec_websocket_accept",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Amber"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Seatunnel"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"memcached": {
"settings": {
"accepting_conns": "1",
"auth_cmds": "0",
"auth_errors": "0",
"bytes": "29828",
"bytes_read": "286857265",
"bytes_written": "129670828957",
"cas_badval": "0",
"cas_hits": "0",
"cas_misses": "0",
"cmd_flush": "3",
"cmd_get": "22076096",
"cmd_set": "21",
"cmd_touch": "0",
"conn_yields": "0",
"connection_structures": "55",
"curr_connections": "8",
"curr_items": "5",
"decr_hits": "0",
"decr_misses": "0",
"delete_hits": "0",
"delete_misses": "0",
"evicted_unfetched": "0",
"evictions": "0",
"expired_unfetched": "0",
"get_hits": "22076066",
"get_misses": "30",
"hash_bytes": "524288",
"hash_power_level": "16",
"incr_hits": "0",
"incr_misses": "0",
"libevent": "2.0.16-stable",
"limit_maxbytes": "67108864",
"listen_disabled_num": "0",
"pid": "2080",
"pointer_size": "64",
"reclaimed": "3",
"reserved_fds": "20",
"rusage_system": "1839.982991",
"rusage_user": "371.247201",
"threads": "4",
"time": "1520550684",
"total_connections": "5547233",
"total_items": "21",
"touch_hits": "0",
"touch_misses": "0",
"uptime": "3151236",
"version": "1.4.13"
},
"stats": {
"accepting_conns": "1",
"auth_cmds": "0",
"auth_errors": "0",
"bytes": "29828",
"bytes_read": "286857265",
"bytes_written": "129670828957",
"cas_badval": "0",
"cas_hits": "0",
"cas_misses": "0",
"cmd_flush": "3",
"cmd_get": "22076096",
"cmd_set": "21",
"cmd_touch": "0",
"conn_yields": "0",
"connection_structures": "55",
"curr_connections": "8",
"curr_items": "5",
"decr_hits": "0",
"decr_misses": "0",
"delete_hits": "0",
"delete_misses": "0",
"evicted_unfetched": "0",
"evictions": "0",
"expired_unfetched": "0",
"get_hits": "22076066",
"get_misses": "30",
"hash_bytes": "524288",
"hash_power_level": "16",
"incr_hits": "0",
"incr_misses": "0",
"libevent": "2.0.16-stable",
"limit_maxbytes": "67108864",
"listen_disabled_num": "0",
"pid": "2080",
"pointer_size": "64",
"reclaimed": "3",
"reserved_fds": "20",
"rusage_system": "1839.982991",
"rusage_user": "371.247201",
"threads": "4",
"time": "1520550684",
"total_connections": "5547233",
"total_items": "21",
"touch_hits": "0",
"touch_misses": "0",
"uptime": "3151236",
"version": "1.4.13"
}
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "802F714C70E3D9D9EBE1B8C20A4C128D",
"fingerprint_sha1": "1B6AB425BF5AE3AFF99A1CA3E0C7F451EC4DD32E",
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "8822724042062345797",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d554646d6ab0c88b64359e5e41f000a44a90aabd65776b55a04e8fe7ae7aca2d",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "d946afb99860745c1ae2736253370e8fc90f61754e0424425518ac83903f730f",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-04T11:34:29",
"not_before": "2025-07-04T11:34:29"
},
"version": 2
},
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:11211/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T10:30:31.803Z"
},
{
"port": 15671,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1754911564,
"body_sha256": "9440095911378da38d58a1bd50e3e74f8a1a09769aa53a25afa0c089f3e83991",
"component": [
"BEM",
"Adobe ColdFusion",
"AngularJS",
"WordPress",
"MySQL",
"PHP",
"Ruby on Rails",
"Ruby",
"CFML",
"Liveinternet",
"Django",
"Python",
"SPIP:4.1.11"
],
"content_length": 146335,
"favicon": {
"md5_hash": "83ad768167a370db201db71c482fc9e8",
"murmur_hash": 2089307605,
"path": "http://47.119.16.90:15671/favicon.ico",
"size": 6114
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146335"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 07:44:37 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Hikvision-Webs"
],
"set_cookie": [
"akaunting_session=7b22; Path=/;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"webvpn_as=; path=/; secure;",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"loginName=admin",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"webvpnaac=1; path=/; secure;"
],
"unknown": [
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_influxdb_build",
"value": [
"OSS"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_sorting_hat_podid",
"value": [
"80"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "x_varnish",
"value": [
"336777937"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_now_trace",
"value": [
"true"
]
},
{
"key": "loginip",
"value": [
"137.184.77.52"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_robots_tag",
"value": [
"none"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "x_github_request_id",
"value": [
"2544:7F5D:24C5A8:296D36:5E2B2B7B"
]
},
{
"key": "x_template",
"value": [
"tpl_CleanPeppermintBlack_twoclick"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_aspnetmvc_version",
"value": [
"5.2"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"SUSE"
],
"x_ua_compatible": [
"IE=EmulateIE7"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "vue"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:15671/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T07:45:04.811Z"
},
{
"port": 15672,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -2114132771,
"body_sha256": "1252ca234baa12b5616aaa1f7d9c632ca301664271ce04874ae6909fc1432c49",
"component": [
"Liveinternet",
"MySQL",
"CFML",
"Django",
"WordPress",
"Ruby on Rails",
"Adobe ColdFusion",
"SPIP:4.1.11",
"Python",
"BEM",
"PHP",
"AngularJS",
"Ruby"
],
"content_length": 145658,
"favicon": {
"md5_hash": "1f52cc8ce9a3ab7ea704820f5f6a185e",
"murmur_hash": -1033644073,
"path": "http://47.119.16.90:15672/favicon.ico",
"size": 3774
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145658"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Thu, 10 Jul 2025 03:22:58 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"X-Web"
],
"set_cookie": [
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"cepcAdminID=25263a2bf; path=/;",
"loginName=admin",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"UID=7400f7aab75991b599187e939d89d69c",
"AUTHSID=7400f7aab75991b599187e939d89d69c",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"samlPreauthSessionHash=; path=/; secure;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"F5_ST=2f2f1f1665754014a-1; path=/",
"akaunting_session=7b22; Path=/;",
"SUPPORTCHROMEOS=1; path=/; secure;"
],
"unknown": [
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "cf_ray",
"value": [
"55611f709b975f5b-LAS"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_bubble_capacity_used",
"value": [
"true"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
},
{
"key": "report_to",
"value": [
"{'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}"
]
},
{
"key": "x_akamai_transformed",
"value": [
"af1"
]
},
{
"key": "x_served_by",
"value": [
"cache-xsp21434-XSP"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_request_id",
"value": [
"ecff8573-23ca-4dbc-a0a9-e8af7876c4ae"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_wix_request_id",
"value": [
"1579229867.6801399"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "loginip",
"value": [
"162.243.175.211"
]
},
{
"key": "x_backside_transport",
"value": [
"FAIL FAIL"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Red Hat"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "YONYOU UAP"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "802F714C70E3D9D9EBE1B8C20A4C128D",
"fingerprint_sha1": "1B6AB425BF5AE3AFF99A1CA3E0C7F451EC4DD32E",
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "8822724042062345797",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d554646d6ab0c88b64359e5e41f000a44a90aabd65776b55a04e8fe7ae7aca2d",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "d946afb99860745c1ae2736253370e8fc90f61754e0424425518ac83903f730f",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-04T11:34:29",
"not_before": "2025-07-04T11:34:29"
},
"version": 2
},
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://47.119.16.90:15672/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-13T23:40:10.112Z"
},
{
"port": 20000,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"dnp3": {
"raw": "BWQFyQAAAAA2TAVkBckBAAAA3o4FZAXJAgAAAJ+EBWQFyQMAAAB3RgVkBckEAAAAHZAFZAXJBQAAAPVSBWQFyQYAAAC0WAVkBckHAAAAXJoFZAXJCAAAABm5BWQFyQkAAADxewVkBckKAAAAsHEFZAXJCwAAAFizBWQFyQwAAAAyZQVkBckNAAAA2qcFZAXJDgAAAJutBWQFyQ8AAABzbwVkBckQAAAAEesFZAXJEQAAAPkpBWQFyRIAAAC4IwVkBckTAAAAUOEFZAXJFAAAADo3BWQFyRUAAADS9QVkBckWAAAAk/8FZAXJFwAAAHs9BWQFyRgAAAA+HgVkBckZAAAA1twFZAXJGgAAAJfWBWQFyRsAAAB/FAVkBckcAAAAFcIFZAXJHQAAAP0ABWQFyR4AAAC8CgVkBckfAAAAVMgFZAXJIAAAAAFPBWQFySEAAADpjQVkBckiAAAAqIcFZAXJIwAAAEBFBWQFySQAAAAqkwVkBcklAAAAwlEFZAXJJgAAAINbBWQFyScAAABrmQVkBckoAAAALroFZAXJKQAAAMZ4BWQFySoAAACHcgVkBckrAAAAb7AFZAXJLAAAAAVmBWQFyS0AAADtpAVkBckuAAAArK4FZAXJLwAAAERsBWQFyTAAAAAm6AVkBckxAAAAzioFZAXJMgAAAI8gBWQFyTMAAABn4gVkBck0AAAADTQFZAXJNQAAAOX2BWQFyTYAAACk/AVkBck3AAAATD4FZAXJOAAAAAkdBWQFyTkAAADh3wVkBck6AAAAoNUFZAXJOwAAAEgXBWQFyTwAAAAiwQVkBck9AAAAygMFZAXJPgAAAIsJBWQFyT8AAABjywVkBclAAAAAWEoFZAXJQQAAALCIBWQFyUIAAADxggVkBclDAAAAGUAFZAXJRAAAAHOWBWQFyUUAAACbVAVkBclGAAAA2l4FZAXJRwAAADKcBWQFyUgAAAB3vwVkBclJAAAAn30FZAXJSgAAAN53BWQFyUsAAAA2tQVkBclMAAAAXGMFZAXJTQAAALShBWQFyU4AAAD1qwVkBclPAAAAHWkFZAXJUAAAAH/tBWQFyVEAAACXLwVkBclSAAAA1iUFZAXJUwAAAD7nBWQFyVQAAABUMQVkBclVAAAAvPMFZAXJVgAAAP35BWQFyVcAAAAVOwVkBclYAAAAUBgFZAXJWQAAALjaBWQFyVoAAAD50AVkBclbAAAAERIFZAXJXAAAAHvEBWQFyV0AAACTBgVkBcleAAAA0gwFZAXJXwAAADrOBWQFyWAAAABvSQVkBclhAAAAh4sFZAXJYgAAAMaBBWQFyWMAAAAuQw=="
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-12T18:47:30.822Z"
},
{
"port": 27017,
"protocol": "tcp",
"name": "mongodb",
"version": "2.2.3",
"product": "MongoDB",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mongodb:mongodb:2.2.3",
"part": "a",
"vendor": "mongodb",
"product": "mongodb",
"version": "2\\.2\\.3",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -490748591,
"body_sha256": "b90279f08e069820d69e99ef25e3042d2d9574a4d630314cd0f683aa4b2a43fa",
"component": [
"Ruby",
"SPIP:4.1.11",
"Django",
"AngularJS",
"Adobe ColdFusion",
"BEM",
"Liveinternet",
"CFML",
"WordPress",
"PHP",
"Python",
"MySQL",
"Ruby on Rails"
],
"content_length": 145667,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145667"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Wed, 09 Jul 2025 22:15:17 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\""
],
"pragma": [
"private"
],
"server": [
"kx-ns1000"
],
"set_cookie": [
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"PHC_DISABLED=1; path=/; secure;",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"did=A67B8F9C;",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"X-Qlik-Session=35263a2bf; path=/;",
"AUTHSID=7400f7aab75991b599187e939d89d69c",
"cepcAdminID=25263a2bf; path=/;",
"loginName=admin",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;"
],
"unknown": [
{
"key": "x_src_webcache",
"value": [
"fe05"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "loginip",
"value": [
"162.243.175.211"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_adblock_key",
"value": [
"23"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_litespeed_cache",
"value": [
"hit"
]
},
{
"key": "x_download_options",
"value": [
"noopen"
]
},
{
"key": "x_vercel_id",
"value": [
"2"
]
},
{
"key": "cf_cache_status",
"value": [
"DYNAMIC"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_robots_tag",
"value": [
"none"
]
},
{
"key": "x_tractor_stun",
"value": [
"4"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Sails"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Universal Interface"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"mongodb": {
"allocator": "tcmalloc",
"bits": 64,
"databases": [
{
"empty": false,
"name": "admin",
"size_on_disk": 1201002
},
{
"empty": false,
"name": "local",
"size_on_disk": 2201002
},
{
"empty": false,
"name": "xdatnlab",
"size_on_disk": 22900002
}
],
"dist_arch": "x86_64",
"dist_mod": "",
"git_version": "a2d97db8fe449d15eb8e275bbf318491781472bf",
"is_master": true,
"javascript_engine": "mozjs",
"logical_session_timeout_minutes": 0,
"max_bson_object_size": 16777216,
"max_message_size_bytes": 48000000,
"max_wire_version": 5,
"max_write_batch_size": 1000,
"read_only": false,
"storage_engines": [
"devnull",
"ephemeralForTest",
"mmapv1",
"wiredTiger"
],
"sys_info": "deprecated",
"target_arch": "x86_64",
"target_os": "linux",
"total_size": 26302006,
"version": "2.2.3"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "802F714C70E3D9D9EBE1B8C20A4C128D",
"fingerprint_sha1": "1B6AB425BF5AE3AFF99A1CA3E0C7F451EC4DD32E",
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "8822724042062345797",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"GI"
],
"domain_component": [
"LOGIIN",
"local"
],
"organization": [
"BIKVUJOQ"
],
"organizational_unit": [
"VIYJPQZ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d554646d6ab0c88b64359e5e41f000a44a90aabd65776b55a04e8fe7ae7aca2d",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "d946afb99860745c1ae2736253370e8fc90f61754e0424425518ac83903f730f",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-04T11:34:29",
"not_before": "2025-07-04T11:34:29"
},
"version": 2
},
"fingerprint_sha256": "155EF4CC3A0F6092087194AC00C0A7354301058093B33E09F60479B4D0DCCD4E",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2012-6619",
"severity": "medium"
},
{
"id": "CVE-2013-1892",
"severity": "medium"
},
{
"id": "CVE-2013-2132",
"severity": "medium"
}
],
"url": "https://47.119.16.90:27017/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-13T11:00:52.605Z"
},
{
"port": 27018,
"protocol": "tcp",
"name": "http-proxy",
"version": "3.5.27",
"product": "Squid http proxy",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:squid-cache:squid:3.5.27",
"part": "a",
"vendor": "squid\\-cache",
"product": "squid",
"version": "3\\.5\\.27",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 2083276475,
"body_sha256": "30fa02e2579706aabcea267eccb5fc8aad7c190de9dcbd925642ebabdd23366e",
"component": [
"CFML",
"Liveinternet",
"AngularJS",
"Ruby",
"Adobe ColdFusion",
"BEM",
"Django",
"Python",
"WordPress",
"PHP",
"Ruby on Rails",
"SPIP:4.1.11",
"MySQL"
],
"content_length": 146340,
"favicon": {
"md5_hash": "1dcc55aa6f973801b0252f6304e6dc1c",
"murmur_hash": -1750461220,
"path": "http://47.119.16.90:27018/favicon.ico",
"size": 6772
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146340"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 15:35:53 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"AirTunes/377.30.01"
],
"set_cookie": [
"AUTHSID=7400f7aab75991b599187e939d89d69c",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"F5_ST=2f2f1f1665754014a-1; path=/",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"CLIENT_ID=7214",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"token=21263a2bf; path=/;",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;"
],
"unknown": [
{
"key": "x_hacker",
"value": [
"If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header."
]
},
{
"key": "x_cocoon_version",
"value": [
"13"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_sucuri_id",
"value": [
"67"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cmd_response",
"value": [
"root"
]
},
{
"key": "x_sucuri_cache",
"value": [
"tru"
]
},
{
"key": "loginip",
"value": [
"137.184.77.52"
]
},
{
"key": "sec_websocket_accept",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
},
{
"key": "x_confluence_request_time",
"value": [
"1698802372064"
]
},
{
"key": "x_nananana",
"value": [
"Batcache"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_runtime",
"value": [
"0.00985"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Scientific Linux"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "GPON ONT"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-1000024",
"severity": "high"
},
{
"id": "CVE-2018-1000027",
"severity": "high"
},
{
"id": "CVE-2018-1172",
"severity": "medium"
}
],
"url": "https://47.119.16.90:27018/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T15:36:22.478Z"
},
{
"port": 27019,
"protocol": "tcp",
"name": "http",
"version": "1.1",
"product": "Apache Tomcat/Coyote JSP engine",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:coyote_http_connector:1.1",
"part": "a",
"vendor": "apache",
"product": "coyote_http_connector",
"version": "1\\.1",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1620744844,
"body_sha256": "0755ea09c4b521d673216347dc72e0a6a5905a38c45c0d6a459ba6dc69bbe70f",
"component": [
"Liveinternet",
"CFML",
"MySQL",
"PHP",
"Jetty",
"Python",
"WordPress",
"Ruby on Rails",
"Django",
"Adobe ColdFusion",
"BEM",
"AngularJS",
"SPIP:4.1.11",
"Java",
"Ruby"
],
"content_length": 146366,
"favicon": {
"md5_hash": "b89adb697c786ef4c9553d2caf9fc409",
"murmur_hash": -17306567,
"path": "http://47.119.16.90:27019/favicon.ico",
"size": 827
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146366"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 11:11:45 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"CP=CAO PSA OUR"
],
"pragma": [
"private"
],
"server": [
"Jetty/3.1.8 (Windows 2000 5.0 x86)"
],
"set_cookie": [
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"samlPreauthSessionHash=; path=/; secure;",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"akaunting_session=7b22; Path=/;",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"MRHSession=ffd33fd2; path=/",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"MISESSID=22363a2bf; path=/mi;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"acSamlv2Token=; path=/; secure;",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"token=21263a2bf; path=/;",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"LastMRH_Session=ffd33fd2; path=/",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;"
],
"unknown": [
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "loginip",
"value": [
"137.184.77.52"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_language",
"value": [
"english"
]
},
{
"key": "x_download_options",
"value": [
"noopen"
]
},
{
"key": "cf_ray",
"value": [
"55611f709b975f5b-LAS"
]
},
{
"key": "x_cache_group",
"value": [
"normal"
]
},
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_seen_by",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==,YQo=,YQo=,YQo=,YQo=,YQo=,YQo="
]
},
{
"key": "x_syno_token",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_adblock_key",
"value": [
"23"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"blade-"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "EAA(EHE Application Access System)"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:27019/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T11:12:11.807Z"
},
{
"port": 29092,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 2049660659,
"body_sha256": "e5598c906d4670878d2b8a7cb4f71abe1cb220c55cfe922b783746ab518ec9e2",
"component": [
"AngularJS",
"Django",
"Python",
"PHP",
"Adobe ColdFusion",
"SPIP:4.1.11",
"WordPress",
"Liveinternet",
"CFML",
"Ruby on Rails",
"Ruby",
"BEM",
"MySQL"
],
"content_length": 146390,
"favicon": {
"md5_hash": "1dcc55aa6f973801b0252f6304e6dc1c",
"murmur_hash": -1750461220,
"path": "http://47.119.16.90:29092/favicon.ico",
"size": 6772
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146390"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Fri, 18 Jul 2025 23:23:47 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Axigen-Webmail"
],
"set_cookie": [
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"webvpnaac=1; path=/; secure;",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"rememberMe=deleteMe; path=/;",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"SUPPORTCHROMEOS=1; path=/; secure;",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"F5_ST=2f2f1f1665754014a-1; path=/",
"acSamlv2Token=; path=/; secure;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"LastMRH_Session=ffd33fd2; path=/",
"_indexVersion=2; path=/"
],
"unknown": [
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "x_amz_cf_id",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A=="
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_ibm_aspera",
"value": [
"af"
]
},
{
"key": "x_timer",
"value": [
"S1579233182.306174,VS0,VE0"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_proxy_cache",
"value": [
"MISS"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_akaunting",
"value": [
"Free Accounting Software"
]
},
{
"key": "loginip",
"value": [
"157.230.227.200"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Red Hat"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Emby - ns340537,UPnP/AV 1.0 Compliant Media Server"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "AD3468A2926201CC0C7FAD5FCCC432A0",
"fingerprint_sha1": "0B098F6D26A8BD9CAA75D8A536CA21EBB7ECAF53",
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2409155150483202861",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"RO"
],
"domain_component": [
"BN",
"local"
],
"organization": [
"HHTTKLCU"
],
"organizational_unit": [
"CRNDVEX"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "12e47e40da70a948cbed4cd3e415649e869a90cdc121a9d361ac99905e4ec866",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "7617975c095818f6216bbaa75fc7c5fb6a796c88601b388ca9679c405e6dcd63",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:38:01",
"not_before": "2025-07-11T08:38:01"
},
"version": 2
},
"fingerprint_sha256": "C87CCE6C65AF7530BF9C50CCDCA38C628F5768AD801A0AECC759AEF632F270D0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://47.119.16.90:29092/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T23:24:13.763Z"
}
],
"services_hash": "ded09e887e28c46b57d78af049a8476bf2e4e6630de7c5b5c60eb44abdbfaeff",
"last_updated_at": "2025-07-21T15:59:19.99Z",
"banner": [
"http",
"influxdb",
"qnap",
"solrdb",
"tls",
"ipp",
"couchdb",
"memcached",
"ftp",
"ssh",
"telnet",
"smtp",
"consul",
"dnp3",
"elasticsearch",
"mongodb",
"mysql",
"pop3",
"mssql"
],
"is_vuln": true,
"cveDetails": {
"CVE-2006-20001": {
"id": "CVE-2006-20001",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://security.netapp.com/advisory/ntap-20230316-0005/"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-787"
},
"CVE-2007-3205": {
"id": "CVE-2007-3205",
"references": [
"http://osvdb.org/39834",
"http://securityreason.com/securityalert/2800",
"http://www.acid-root.new.fr/advisories/14070612.txt",
"http://www.securityfocus.com/archive/1/471178/100/0/threaded",
"http://www.securityfocus.com/archive/1/471204/100/0/threaded",
"http://www.securityfocus.com/archive/1/471275/100/0/threaded",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/34836",
"http://osvdb.org/39834",
"http://securityreason.com/securityalert/2800",
"http://www.acid-root.new.fr/advisories/14070612.txt",
"http://www.securityfocus.com/archive/1/471178/100/0/threaded",
"http://www.securityfocus.com/archive/1/471204/100/0/threaded",
"http://www.securityfocus.com/archive/1/471275/100/0/threaded",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/34836"
],
"score": 5,
"services": [
"6379/echo"
],
"severity": "medium",
"summary": "The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2007-4559": {
"id": "CVE-2007-4559",
"references": [
"http://mail.python.org/pipermail/python-dev/2007-August/074290.html",
"http://mail.python.org/pipermail/python-dev/2007-August/074292.html",
"http://secunia.com/advisories/26623",
"http://www.vupen.com/english/advisories/2007/3022",
"https://bugzilla.redhat.com/show_bug.cgi?id=263261",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVBB7NU3YIRRDOKLYVN647WPRR3IAKR6/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FI55PGL47ES3OU2FQPGEHOI2EK3S2OBH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KA4Z44ZAI4SY7THCFBUDNT5EEFO4XQ3A/",
"https://security.gentoo.org/glsa/202309-06",
"http://mail.python.org/pipermail/python-dev/2007-August/074290.html",
"http://mail.python.org/pipermail/python-dev/2007-August/074292.html",
"http://secunia.com/advisories/26623",
"http://www.vupen.com/english/advisories/2007/3022",
"https://bugzilla.redhat.com/show_bug.cgi?id=263261",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVBB7NU3YIRRDOKLYVN647WPRR3IAKR6/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FI55PGL47ES3OU2FQPGEHOI2EK3S2OBH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KA4Z44ZAI4SY7THCFBUDNT5EEFO4XQ3A/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/CVBB7NU3YIRRDOKLYVN647WPRR3IAKR6/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/FI55PGL47ES3OU2FQPGEHOI2EK3S2OBH/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/KA4Z44ZAI4SY7THCFBUDNT5EEFO4XQ3A/",
"https://security.gentoo.org/glsa/202309-06"
],
"score": 9.8,
"services": [
"8500/http"
],
"severity": "critical",
"summary": "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-22"
},
"CVE-2008-5983": {
"id": "CVE-2008-5983",
"references": [
"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html",
"http://secunia.com/advisories/34522",
"http://secunia.com/advisories/40194",
"http://secunia.com/advisories/42888",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://secunia.com/advisories/51087",
"http://security.gentoo.org/glsa/glsa-200903-41.xml",
"http://security.gentoo.org/glsa/glsa-200904-06.xml",
"http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg586010.html",
"http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html",
"http://www.openwall.com/lists/oss-security/2009/01/26/2",
"http://www.openwall.com/lists/oss-security/2009/01/28/5",
"http://www.openwall.com/lists/oss-security/2009/01/30/2",
"http://www.redhat.com/support/errata/RHSA-2011-0027.html",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"http://www.ubuntu.com/usn/USN-1616-1",
"http://www.vupen.com/english/advisories/2010/1448",
"http://www.vupen.com/english/advisories/2011/0122",
"https://bugzilla.redhat.com/show_bug.cgi?id=482814",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html",
"http://secunia.com/advisories/34522",
"http://secunia.com/advisories/40194",
"http://secunia.com/advisories/42888",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://secunia.com/advisories/51087",
"http://security.gentoo.org/glsa/glsa-200903-41.xml",
"http://security.gentoo.org/glsa/glsa-200904-06.xml",
"http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg586010.html",
"http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html",
"http://www.openwall.com/lists/oss-security/2009/01/26/2",
"http://www.openwall.com/lists/oss-security/2009/01/28/5",
"http://www.openwall.com/lists/oss-security/2009/01/30/2",
"http://www.redhat.com/support/errata/RHSA-2011-0027.html",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"http://www.ubuntu.com/usn/USN-1616-1",
"http://www.vupen.com/english/advisories/2010/1448",
"http://www.vupen.com/english/advisories/2011/0122",
"https://bugzilla.redhat.com/show_bug.cgi?id=482814"
],
"score": 6.9,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory.",
"vector_string": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"weakness": "CWE-426"
},
"CVE-2010-1634": {
"id": "CVE-2010-1634",
"references": [
"http://bugs.python.org/issue8674",
"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html",
"http://secunia.com/advisories/39937",
"http://secunia.com/advisories/40194",
"http://secunia.com/advisories/42888",
"http://secunia.com/advisories/43068",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://secunia.com/advisories/51087",
"http://support.apple.com/kb/HT5002",
"http://svn.python.org/view?rev=81045&view=rev",
"http://svn.python.org/view?rev=81079&view=rev",
"http://www.redhat.com/support/errata/RHSA-2011-0027.html",
"http://www.securityfocus.com/bid/40370",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"http://www.ubuntu.com/usn/USN-1616-1",
"http://www.vupen.com/english/advisories/2010/1448",
"http://www.vupen.com/english/advisories/2011/0122",
"http://www.vupen.com/english/advisories/2011/0212",
"https://bugzilla.redhat.com/show_bug.cgi?id=590690"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-190"
},
"CVE-2010-2089": {
"id": "CVE-2010-2089",
"references": [
"http://bugs.python.org/issue7673",
"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html",
"http://secunia.com/advisories/40194",
"http://secunia.com/advisories/42888",
"http://secunia.com/advisories/43068",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://secunia.com/advisories/51087",
"http://support.apple.com/kb/HT5002",
"http://www.redhat.com/support/errata/RHSA-2011-0027.html",
"http://www.securityfocus.com/bid/40863",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"http://www.ubuntu.com/usn/USN-1616-1",
"http://www.vupen.com/english/advisories/2010/1448",
"http://www.vupen.com/english/advisories/2011/0122",
"http://www.vupen.com/english/advisories/2011/0212",
"https://bugzilla.redhat.com/show_bug.cgi?id=598197"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-787"
},
"CVE-2010-3492": {
"id": "CVE-2010-3492",
"references": [
"http://bugs.python.org/issue6706",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:216",
"http://www.openwall.com/lists/oss-security/2010/09/09/6",
"http://www.openwall.com/lists/oss-security/2010/09/11/2",
"http://www.openwall.com/lists/oss-security/2010/09/22/3",
"http://www.openwall.com/lists/oss-security/2010/09/24/3",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111",
"http://bugs.python.org/issue6706",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:216",
"http://www.openwall.com/lists/oss-security/2010/09/09/6",
"http://www.openwall.com/lists/oss-security/2010/09/11/2",
"http://www.openwall.com/lists/oss-security/2010/09/22/3",
"http://www.openwall.com/lists/oss-security/2010/09/24/3",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2011-4940": {
"id": "CVE-2011-4940",
"references": [
"http://bugs.python.org/issue11442",
"http://jvn.jp/en/jp/JVN51176027/index.html",
"http://jvndb.jvn.jp/jvndb/JVNDB-2012-000063",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://www.securityfocus.com/bid/54083",
"http://www.ubuntu.com/usn/USN-1592-1",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"https://bugzilla.redhat.com/show_bug.cgi?id=803500",
"http://bugs.python.org/issue11442",
"http://jvn.jp/en/jp/JVN51176027/index.html",
"http://jvndb.jvn.jp/jvndb/JVNDB-2012-000063",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://www.securityfocus.com/bid/54083",
"http://www.ubuntu.com/usn/USN-1592-1",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"https://bugzilla.redhat.com/show_bug.cgi?id=803500"
],
"score": 2.6,
"services": [
"8500/http"
],
"severity": "low",
"summary": "The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding.",
"vector_string": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2011-4944": {
"id": "CVE-2011-4944",
"references": [
"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555",
"http://bugs.python.org/file23824/pypirc-secure.diff",
"http://bugs.python.org/issue13512",
"http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://secunia.com/advisories/51087",
"http://secunia.com/advisories/51089",
"http://www.openwall.com/lists/oss-security/2012/03/27/10",
"http://www.openwall.com/lists/oss-security/2012/03/27/2",
"http://www.openwall.com/lists/oss-security/2012/03/27/5",
"http://www.ubuntu.com/usn/USN-1592-1",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"http://www.ubuntu.com/usn/USN-1615-1",
"http://www.ubuntu.com/usn/USN-1616-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=758905"
],
"score": 1.8,
"services": [
"8500/http"
],
"severity": "low",
"summary": "Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.",
"vector_string": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"weakness": "CWE-264"
},
"CVE-2012-0845": {
"id": "CVE-2012-0845",
"references": [
"http://bugs.python.org/issue14001",
"http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://python.org/download/releases/2.6.8/",
"http://python.org/download/releases/2.7.3/",
"http://python.org/download/releases/3.1.5/",
"http://python.org/download/releases/3.2.3/",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://secunia.com/advisories/51087",
"http://secunia.com/advisories/51089",
"http://www.openwall.com/lists/oss-security/2012/02/13/4",
"http://www.securitytracker.com/id?1026689",
"http://www.ubuntu.com/usn/USN-1592-1",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"http://www.ubuntu.com/usn/USN-1615-1",
"http://www.ubuntu.com/usn/USN-1616-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=789790",
"http://bugs.python.org/issue14001",
"http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://python.org/download/releases/2.6.8/",
"http://python.org/download/releases/2.7.3/",
"http://python.org/download/releases/3.1.5/",
"http://python.org/download/releases/3.2.3/",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://secunia.com/advisories/51087",
"http://secunia.com/advisories/51089",
"http://www.openwall.com/lists/oss-security/2012/02/13/4",
"http://www.securitytracker.com/id?1026689",
"http://www.ubuntu.com/usn/USN-1592-1",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"http://www.ubuntu.com/usn/USN-1615-1",
"http://www.ubuntu.com/usn/USN-1616-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=789790"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-399"
},
"CVE-2012-0876": {
"id": "CVE-2012-0876",
"references": [
"http://bugs.python.org/issue13703#msg151870",
"http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html",
"http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html",
"http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html",
"http://rhn.redhat.com/errata/RHSA-2012-0731.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://rhn.redhat.com/errata/RHSA-2016-2957.html",
"http://secunia.com/advisories/49504",
"http://secunia.com/advisories/51024",
"http://secunia.com/advisories/51040",
"http://sourceforge.net/projects/expat/files/expat/2.1.0/",
"http://sourceforge.net/tracker/?func=detail&atid=110127&aid=3496608&group_id=10127",
"http://www.debian.org/security/2012/dsa-2525",
"http://www.mandriva.com/security/advisories?name=MDVSA-2012:041",
"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"http://www.securityfocus.com/bid/52379",
"http://www.ubuntu.com/usn/USN-1527-1",
"http://www.ubuntu.com/usn/USN-1613-1",
"http://www.ubuntu.com/usn/USN-1613-2",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10365",
"https://support.apple.com/HT205637",
"https://www.tenable.com/security/tns-2016-20"
],
"score": 4.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "CWE-400"
},
"CVE-2012-1150": {
"id": "CVE-2012-1150",
"references": [
"http://bugs.python.org/issue13703",
"http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://mail.python.org/pipermail/python-dev/2011-December/115116.html",
"http://mail.python.org/pipermail/python-dev/2012-January/115892.html",
"http://python.org/download/releases/2.6.8/",
"http://python.org/download/releases/2.7.3/",
"http://python.org/download/releases/3.1.5/",
"http://python.org/download/releases/3.2.3/",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51087",
"http://secunia.com/advisories/51089",
"http://www.openwall.com/lists/oss-security/2012/03/10/3",
"http://www.ubuntu.com/usn/USN-1592-1",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1615-1",
"http://www.ubuntu.com/usn/USN-1616-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=750555",
"http://bugs.python.org/issue13703",
"http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://mail.python.org/pipermail/python-dev/2011-December/115116.html",
"http://mail.python.org/pipermail/python-dev/2012-January/115892.html",
"http://python.org/download/releases/2.6.8/",
"http://python.org/download/releases/2.7.3/",
"http://python.org/download/releases/3.1.5/",
"http://python.org/download/releases/3.2.3/",
"http://secunia.com/advisories/50858",
"http://secunia.com/advisories/51087",
"http://secunia.com/advisories/51089",
"http://www.openwall.com/lists/oss-security/2012/03/10/3",
"http://www.ubuntu.com/usn/USN-1592-1",
"http://www.ubuntu.com/usn/USN-1596-1",
"http://www.ubuntu.com/usn/USN-1615-1",
"http://www.ubuntu.com/usn/USN-1616-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=750555"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-310"
},
"CVE-2012-6619": {
"id": "CVE-2012-6619",
"references": [
"http://blog.ptsecurity.com/2012/11/attacking-mongodb.html",
"http://rhn.redhat.com/errata/RHSA-2014-0230.html",
"http://rhn.redhat.com/errata/RHSA-2014-0440.html",
"http://www.openwall.com/lists/oss-security/2014/01/07/13",
"http://www.openwall.com/lists/oss-security/2014/01/07/2",
"http://www.openwall.com/lists/oss-security/2014/01/08/9",
"https://bugzilla.redhat.com/show_bug.cgi?id=1049748",
"https://jira.mongodb.org/browse/SERVER-7769",
"http://blog.ptsecurity.com/2012/11/attacking-mongodb.html",
"http://rhn.redhat.com/errata/RHSA-2014-0230.html",
"http://rhn.redhat.com/errata/RHSA-2014-0440.html",
"http://www.openwall.com/lists/oss-security/2014/01/07/13",
"http://www.openwall.com/lists/oss-security/2014/01/07/2",
"http://www.openwall.com/lists/oss-security/2014/01/08/9",
"https://bugzilla.redhat.com/show_bug.cgi?id=1049748",
"https://jira.mongodb.org/browse/SERVER-7769"
],
"score": 6.4,
"services": [
"27017/mongodb"
],
"severity": "medium",
"summary": "The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"weakness": "CWE-20"
},
"CVE-2013-1892": {
"id": "CVE-2013-1892",
"references": [
"http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/",
"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101630.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101679.html",
"http://rhn.redhat.com/errata/RHSA-2013-1170.html",
"http://www.exploit-db.com/exploits/24935",
"http://www.exploit-db.com/exploits/24947",
"http://www.mongodb.org/about/alerts/",
"http://www.openwall.com/lists/oss-security/2013/03/25/9",
"https://jira.mongodb.org/browse/SERVER-9124",
"http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/",
"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101630.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101679.html",
"http://rhn.redhat.com/errata/RHSA-2013-1170.html",
"http://www.exploit-db.com/exploits/24935",
"http://www.exploit-db.com/exploits/24947",
"http://www.mongodb.org/about/alerts/",
"http://www.openwall.com/lists/oss-security/2013/03/25/9",
"https://jira.mongodb.org/browse/SERVER-9124"
],
"score": 6,
"services": [
"27017/mongodb"
],
"severity": "medium",
"summary": "MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.",
"vector_string": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"weakness": "CWE-20"
},
"CVE-2013-2132": {
"id": "CVE-2013-2132",
"references": [
"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710597",
"http://lists.opensuse.org/opensuse-updates/2013-06/msg00180.html",
"http://seclists.org/oss-sec/2013/q2/447",
"http://ubuntu.com/usn/usn-1897-1",
"http://www.debian.org/security/2013/dsa-2705",
"http://www.osvdb.org/93804",
"http://www.securityfocus.com/bid/60252",
"https://github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2",
"https://jira.mongodb.org/browse/PYTHON-532",
"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710597",
"http://lists.opensuse.org/opensuse-updates/2013-06/msg00180.html",
"http://seclists.org/oss-sec/2013/q2/447",
"http://ubuntu.com/usn/usn-1897-1",
"http://www.debian.org/security/2013/dsa-2705",
"http://www.osvdb.org/93804",
"http://www.securityfocus.com/bid/60252",
"https://github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2",
"https://jira.mongodb.org/browse/PYTHON-532"
],
"score": 4.3,
"services": [
"27017/mongodb"
],
"severity": "medium",
"summary": "bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an \"invalid DBRef.\"",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2013-4238": {
"id": "CVE-2013-4238",
"references": [
"http://bugs.python.org/issue18709",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html",
"http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html",
"http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html",
"http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html",
"http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html",
"http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html",
"http://rhn.redhat.com/errata/RHSA-2013-1582.html",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://www.debian.org/security/2014/dsa-2880",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.ubuntu.com/usn/USN-1982-1",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=996381"
],
"score": 4.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-20"
},
"CVE-2013-7440": {
"id": "CVE-2013-7440",
"references": [
"http://seclists.org/oss-sec/2015/q2/483",
"http://seclists.org/oss-sec/2015/q2/523",
"http://www.securityfocus.com/bid/74707",
"https://access.redhat.com/errata/RHSA-2016:1166",
"https://bugs.python.org/issue17997",
"https://bugzilla.redhat.com/show_bug.cgi?id=1224999",
"https://hg.python.org/cpython/rev/10d0edadbcdd",
"http://seclists.org/oss-sec/2015/q2/483",
"http://seclists.org/oss-sec/2015/q2/523",
"http://www.securityfocus.com/bid/74707",
"https://access.redhat.com/errata/RHSA-2016:1166",
"https://bugs.python.org/issue17997",
"https://bugzilla.redhat.com/show_bug.cgi?id=1224999",
"https://hg.python.org/cpython/rev/10d0edadbcdd"
],
"score": 5.9,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-19"
},
"CVE-2014-1912": {
"id": "CVE-2014-1912",
"references": [
"http://bugs.python.org/issue20246",
"http://hg.python.org/cpython/rev/87673659d8f7",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html",
"http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html",
"http://pastebin.com/raw.php?i=GHXSmNEg",
"http://rhn.redhat.com/errata/RHSA-2015-1064.html",
"http://rhn.redhat.com/errata/RHSA-2015-1330.html",
"http://www.debian.org/security/2014/dsa-2880",
"http://www.exploit-db.com/exploits/31875",
"http://www.openwall.com/lists/oss-security/2014/02/12/16",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/65379",
"http://www.securitytracker.com/id/1029831",
"http://www.ubuntu.com/usn/USN-2125-1",
"https://security.gentoo.org/glsa/201503-10",
"https://support.apple.com/kb/HT205031",
"https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/",
"http://bugs.python.org/issue20246",
"http://hg.python.org/cpython/rev/87673659d8f7",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html",
"http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html",
"http://pastebin.com/raw.php?i=GHXSmNEg",
"http://rhn.redhat.com/errata/RHSA-2015-1064.html",
"http://rhn.redhat.com/errata/RHSA-2015-1330.html",
"http://www.debian.org/security/2014/dsa-2880",
"http://www.exploit-db.com/exploits/31875",
"http://www.openwall.com/lists/oss-security/2014/02/12/16",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/65379",
"http://www.securitytracker.com/id/1029831",
"http://www.ubuntu.com/usn/USN-2125-1",
"https://security.gentoo.org/glsa/201503-10",
"https://support.apple.com/kb/HT205031",
"https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"weakness": "CWE-119"
},
"CVE-2014-4078": {
"id": "CVE-2014-4078",
"references": [
"http://www.securityfocus.com/bid/70937",
"http://www.securitytracker.com/id/1031194",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-076"
],
"score": 5.1,
"services": [
"5984/http"
],
"severity": "medium",
"summary": "The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the \"IP Address and Domain Restrictions\" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka \"IIS Security Feature Bypass Vulnerability.\"",
"vector_string": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"weakness": "CWE-264"
},
"CVE-2014-7185": {
"id": "CVE-2014-7185",
"references": [
"http://bugs.python.org/issue21831",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html",
"http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html",
"http://rhn.redhat.com/errata/RHSA-2015-1064.html",
"http://rhn.redhat.com/errata/RHSA-2015-1330.html",
"http://www.openwall.com/lists/oss-security/2014/09/23/5",
"http://www.openwall.com/lists/oss-security/2014/09/25/47",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"http://www.securityfocus.com/bid/70089",
"https://bugzilla.redhat.com/show_bug.cgi?id=1146026",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/96193",
"https://security.gentoo.org/glsa/201503-10",
"https://support.apple.com/kb/HT205031",
"http://bugs.python.org/issue21831",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html",
"http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html",
"http://rhn.redhat.com/errata/RHSA-2015-1064.html",
"http://rhn.redhat.com/errata/RHSA-2015-1330.html",
"http://www.openwall.com/lists/oss-security/2014/09/23/5",
"http://www.openwall.com/lists/oss-security/2014/09/25/47",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"http://www.securityfocus.com/bid/70089",
"https://bugzilla.redhat.com/show_bug.cgi?id=1146026",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/96193",
"https://security.gentoo.org/glsa/201503-10",
"https://support.apple.com/kb/HT205031"
],
"score": 6.4,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a \"buffer\" function.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"weakness": "CWE-189"
},
"CVE-2014-8180": {
"id": "CVE-2014-8180",
"references": [
"https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#restricting_access_to_mongod",
"https://bugzilla.redhat.com/show_bug.cgi?id=1301703",
"https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#restricting_access_to_mongod",
"https://bugzilla.redhat.com/show_bug.cgi?id=1301703"
],
"score": 5.5,
"services": [
"27017/mongodb"
],
"severity": "medium",
"summary": "MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.",
"vector_string": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-287"
},
"CVE-2014-9365": {
"id": "CVE-2014-9365",
"references": [
"http://bugs.python.org/issue22417",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://www.openwall.com/lists/oss-security/2014/12/11/1",
"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.securityfocus.com/bid/71639",
"https://access.redhat.com/errata/RHSA-2016:1166",
"https://access.redhat.com/errata/RHSA-2017:1162",
"https://access.redhat.com/errata/RHSA-2017:1868",
"https://security.gentoo.org/glsa/201503-10",
"https://support.apple.com/kb/HT205031",
"https://www.python.org/dev/peps/pep-0476/",
"https://www.python.org/downloads/release/python-279/",
"http://bugs.python.org/issue22417",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://www.openwall.com/lists/oss-security/2014/12/11/1",
"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.securityfocus.com/bid/71639",
"https://access.redhat.com/errata/RHSA-2016:1166",
"https://access.redhat.com/errata/RHSA-2017:1162",
"https://access.redhat.com/errata/RHSA-2017:1868",
"https://security.gentoo.org/glsa/201503-10",
"https://support.apple.com/kb/HT205031",
"https://www.python.org/dev/peps/pep-0476/",
"https://www.python.org/downloads/release/python-279/"
],
"score": 5.8,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2015-1609": {
"id": "CVE-2015-1609",
"references": [
"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152493.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153690.html",
"http://www.securitytracker.com/id/1034466",
"http://www.splunk.com/view/SP-CAAAPC3",
"https://jira.mongodb.org/browse/SERVER-17264",
"https://security.gentoo.org/glsa/201611-13",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152493.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153690.html",
"http://www.securitytracker.com/id/1034466",
"http://www.splunk.com/view/SP-CAAAPC3",
"https://jira.mongodb.org/browse/SERVER-17264",
"https://security.gentoo.org/glsa/201611-13"
],
"score": 5,
"services": [
"27017/mongodb"
],
"severity": "medium",
"summary": "MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-20"
},
"CVE-2015-3200": {
"id": "CVE-2015-3200",
"references": [
"http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html",
"http://redmine.lighttpd.net/issues/2646",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.securityfocus.com/bid/74813",
"http://www.securitytracker.com/id/1032405",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10310",
"http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html",
"http://redmine.lighttpd.net/issues/2646",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.securityfocus.com/bid/74813",
"http://www.securitytracker.com/id/1032405",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10310"
],
"score": 7.5,
"services": [
"2181/http"
],
"severity": "high",
"summary": "mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-74"
},
"CVE-2015-5652": {
"id": "CVE-2015-5652",
"references": [
"http://jvn.jp/en/jp/JVN49503705/995204/index.html",
"http://jvn.jp/en/jp/JVN49503705/index.html",
"http://jvndb.jvn.jp/jvndb/JVNDB-2015-000141",
"http://www.securityfocus.com/bid/76929",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
"http://jvn.jp/en/jp/JVN49503705/995204/index.html",
"http://jvn.jp/en/jp/JVN49503705/index.html",
"http://jvndb.jvn.jp/jvndb/JVNDB-2015-000141",
"http://www.securityfocus.com/bid/76929",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755"
],
"score": 7.2,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says \"It was determined that this is a longtime behavior of Python that cannot really be altered at this point.\"",
"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2015-9253": {
"id": "CVE-2015-9253",
"references": [
"https://bugs.php.net/bug.php?id=70185",
"https://bugs.php.net/bug.php?id=73342https://github.com/php/php-src/pull/3287",
"https://bugs.php.net/bug.php?id=75968",
"https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22",
"https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8",
"https://usn.ubuntu.com/3766-1/",
"https://usn.ubuntu.com/4279-1/",
"https://www.futureweb.at/security/CVE-2015-9253/",
"https://bugs.php.net/bug.php?id=70185",
"https://bugs.php.net/bug.php?id=73342https://github.com/php/php-src/pull/3287",
"https://bugs.php.net/bug.php?id=75968",
"https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22",
"https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8",
"https://usn.ubuntu.com/3766-1/",
"https://usn.ubuntu.com/4279-1/",
"https://www.futureweb.at/security/CVE-2015-9253/"
],
"score": 6.5,
"services": [
"6379/echo"
],
"severity": "medium",
"summary": "An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2016-0772": {
"id": "CVE-2016-0772",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://rhn.redhat.com/errata/RHSA-2016-1626.html",
"http://rhn.redhat.com/errata/RHSA-2016-1627.html",
"http://rhn.redhat.com/errata/RHSA-2016-1628.html",
"http://rhn.redhat.com/errata/RHSA-2016-1629.html",
"http://rhn.redhat.com/errata/RHSA-2016-1630.html",
"http://www.openwall.com/lists/oss-security/2016/06/14/9",
"http://www.securityfocus.com/bid/91225",
"http://www.splunk.com/view/SP-CAAAPSV",
"http://www.splunk.com/view/SP-CAAAPUE",
"https://bugzilla.redhat.com/show_bug.cgi?id=1303647",
"https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5",
"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2",
"https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS",
"https://hg.python.org/cpython/rev/b3ce713fb9be",
"https://hg.python.org/cpython/rev/d590114c2394",
"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html",
"https://security.gentoo.org/glsa/201701-18",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://rhn.redhat.com/errata/RHSA-2016-1626.html",
"http://rhn.redhat.com/errata/RHSA-2016-1627.html",
"http://rhn.redhat.com/errata/RHSA-2016-1628.html",
"http://rhn.redhat.com/errata/RHSA-2016-1629.html",
"http://rhn.redhat.com/errata/RHSA-2016-1630.html",
"http://www.openwall.com/lists/oss-security/2016/06/14/9",
"http://www.securityfocus.com/bid/91225",
"http://www.splunk.com/view/SP-CAAAPSV",
"http://www.splunk.com/view/SP-CAAAPUE",
"https://bugzilla.redhat.com/show_bug.cgi?id=1303647",
"https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5",
"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2",
"https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS",
"https://hg.python.org/cpython/rev/b3ce713fb9be",
"https://hg.python.org/cpython/rev/d590114c2394",
"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html",
"https://security.gentoo.org/glsa/201701-18"
],
"score": 6.5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a \"StartTLS stripping attack.\"",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
"weakness": "CWE-693"
},
"CVE-2016-5636": {
"id": "CVE-2016-5636",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://rhn.redhat.com/errata/RHSA-2016-2586.html",
"http://www.openwall.com/lists/oss-security/2016/06/15/15",
"http://www.openwall.com/lists/oss-security/2016/06/16/1",
"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"http://www.securityfocus.com/bid/91247",
"http://www.securitytracker.com/id/1038138",
"http://www.splunk.com/view/SP-CAAAPSV",
"http://www.splunk.com/view/SP-CAAAPUE",
"https://bugs.python.org/issue26171",
"https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5",
"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2",
"https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS",
"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html",
"https://security.gentoo.org/glsa/201701-18",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://rhn.redhat.com/errata/RHSA-2016-2586.html",
"http://www.openwall.com/lists/oss-security/2016/06/15/15",
"http://www.openwall.com/lists/oss-security/2016/06/16/1",
"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"http://www.securityfocus.com/bid/91247",
"http://www.securitytracker.com/id/1038138",
"http://www.splunk.com/view/SP-CAAAPSV",
"http://www.splunk.com/view/SP-CAAAPUE",
"https://bugs.python.org/issue26171",
"https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5",
"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2",
"https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS",
"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html",
"https://security.gentoo.org/glsa/201701-18"
],
"score": 9.8,
"services": [
"8500/http"
],
"severity": "critical",
"summary": "Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2016-5699": {
"id": "CVE-2016-5699",
"references": [
"http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://rhn.redhat.com/errata/RHSA-2016-1626.html",
"http://rhn.redhat.com/errata/RHSA-2016-1627.html",
"http://rhn.redhat.com/errata/RHSA-2016-1628.html",
"http://rhn.redhat.com/errata/RHSA-2016-1629.html",
"http://rhn.redhat.com/errata/RHSA-2016-1630.html",
"http://www.openwall.com/lists/oss-security/2016/06/14/7",
"http://www.openwall.com/lists/oss-security/2016/06/15/12",
"http://www.openwall.com/lists/oss-security/2016/06/16/2",
"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"http://www.securityfocus.com/bid/91226",
"http://www.splunk.com/view/SP-CAAAPSV",
"http://www.splunk.com/view/SP-CAAAPUE",
"https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4",
"https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS",
"https://hg.python.org/cpython/rev/1c45047c5102",
"https://hg.python.org/cpython/rev/bf3e1c9b80e9",
"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html",
"http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://rhn.redhat.com/errata/RHSA-2016-1626.html",
"http://rhn.redhat.com/errata/RHSA-2016-1627.html",
"http://rhn.redhat.com/errata/RHSA-2016-1628.html",
"http://rhn.redhat.com/errata/RHSA-2016-1629.html",
"http://rhn.redhat.com/errata/RHSA-2016-1630.html",
"http://www.openwall.com/lists/oss-security/2016/06/14/7",
"http://www.openwall.com/lists/oss-security/2016/06/15/12",
"http://www.openwall.com/lists/oss-security/2016/06/16/2",
"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"http://www.securityfocus.com/bid/91226",
"http://www.splunk.com/view/SP-CAAAPSV",
"http://www.splunk.com/view/SP-CAAAPUE",
"https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4",
"https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS",
"https://hg.python.org/cpython/rev/1c45047c5102",
"https://hg.python.org/cpython/rev/bf3e1c9b80e9",
"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html"
],
"score": 6.1,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-113"
},
"CVE-2016-6494": {
"id": "CVE-2016-6494",
"references": [
"http://www.openwall.com/lists/oss-security/2016/07/29/4",
"http://www.openwall.com/lists/oss-security/2016/07/29/8",
"http://www.securityfocus.com/bid/92204",
"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832908",
"https://bugzilla.redhat.com/show_bug.cgi?id=1362553",
"https://github.com/mongodb/mongo/commit/035cf2afc04988b22cb67f4ebfd77e9b344cb6e0",
"https://jira.mongodb.org/browse/SERVER-25335",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MCE2ZLFBNOK3TTWSTXZJQGZVP4EEJDL/",
"http://www.openwall.com/lists/oss-security/2016/07/29/4",
"http://www.openwall.com/lists/oss-security/2016/07/29/8",
"http://www.securityfocus.com/bid/92204",
"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832908",
"https://bugzilla.redhat.com/show_bug.cgi?id=1362553",
"https://github.com/mongodb/mongo/commit/035cf2afc04988b22cb67f4ebfd77e9b344cb6e0",
"https://jira.mongodb.org/browse/SERVER-25335",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MCE2ZLFBNOK3TTWSTXZJQGZVP4EEJDL/"
],
"score": 5.5,
"services": [
"27017/mongodb"
],
"severity": "medium",
"summary": "The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.",
"vector_string": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2016-9589": {
"id": "CVE-2016-9589",
"references": [
"http://rhn.redhat.com/errata/RHSA-2017-0830.html",
"http://rhn.redhat.com/errata/RHSA-2017-0831.html",
"http://rhn.redhat.com/errata/RHSA-2017-0832.html",
"http://rhn.redhat.com/errata/RHSA-2017-0834.html",
"http://rhn.redhat.com/errata/RHSA-2017-0876.html",
"http://www.securityfocus.com/bid/97060",
"https://access.redhat.com/errata/RHSA-2017:0872",
"https://access.redhat.com/errata/RHSA-2017:0873",
"https://access.redhat.com/errata/RHSA-2017:3454",
"https://access.redhat.com/errata/RHSA-2017:3455",
"https://access.redhat.com/errata/RHSA-2017:3456",
"https://access.redhat.com/errata/RHSA-2017:3458",
"https://bugzilla.redhat.com/show_bug.cgi?id=1404782"
],
"score": 7.5,
"services": [
"9042/http"
],
"severity": "high",
"summary": "Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to \"max-headers\" (default 200) * \"max-header-size\" (default 1MB) per active TCP connection.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2017-1000158": {
"id": "CVE-2017-1000158",
"references": [
"http://www.securitytracker.com/id/1039890",
"https://bugs.python.org/issue30657",
"https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
"https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
"https://security.gentoo.org/glsa/201805-02",
"https://security.netapp.com/advisory/ntap-20230216-0001/",
"https://www.debian.org/security/2018/dsa-4307",
"http://www.securitytracker.com/id/1039890",
"https://bugs.python.org/issue30657",
"https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
"https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
"https://security.gentoo.org/glsa/201805-02",
"https://security.netapp.com/advisory/ntap-20230216-0001/",
"https://www.debian.org/security/2018/dsa-4307"
],
"score": 9.8,
"services": [
"8500/http"
],
"severity": "critical",
"summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2017-15710": {
"id": "CVE-2017-15710",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/8",
"http://www.securityfocus.com/bid/103512",
"http://www.securitytracker.com/id/1040569",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-787"
},
"CVE-2017-15715": {
"id": "CVE-2017-15715",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/6",
"http://www.securityfocus.com/bid/103525",
"http://www.securitytracker.com/id/1040570",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.elarlang.eu/cve-2017-15715-apache-http-server-filesmatch-bypass-with-a-trailing-newline-at-the-end-of-the-file-name.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/6",
"http://www.securityfocus.com/bid/103525",
"http://www.securitytracker.com/id/1040570",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.elarlang.eu/cve-2017-15715-apache-http-server-filesmatch-bypass-with-a-trailing-newline-at-the-end-of-the-file-name.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 8.1,
"services": [
"9200/http"
],
"severity": "high",
"summary": "In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-20"
},
"CVE-2017-17522": {
"id": "CVE-2017-17522",
"references": [
"http://www.securityfocus.com/bid/102207",
"https://bugs.python.org/issue32367",
"https://security-tracker.debian.org/tracker/CVE-2017-17522",
"http://www.securityfocus.com/bid/102207",
"https://bugs.python.org/issue32367",
"https://security-tracker.debian.org/tracker/CVE-2017-17522"
],
"score": 8.8,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"weakness": "CWE-74"
},
"CVE-2017-18207": {
"id": "CVE-2017-18207",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://bugs.python.org/issue32056",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://bugs.python.org/issue32056"
],
"score": 6.5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications \"need to be prepared to handle a wide variety of exceptions.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"weakness": "CWE-369"
},
"CVE-2017-7272": {
"id": "CVE-2017-7272",
"references": [
"http://www.securityfocus.com/bid/97178",
"http://www.securitytracker.com/id/1038158",
"https://bugs.php.net/bug.php?id=74216",
"https://bugs.php.net/bug.php?id=75505",
"https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a",
"https://security.netapp.com/advisory/ntap-20180112-0001/",
"https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170403-0_PHP_Misbehavior_of_fsockopen_function_v10.txt",
"http://www.securityfocus.com/bid/97178",
"http://www.securitytracker.com/id/1038158",
"https://bugs.php.net/bug.php?id=74216",
"https://bugs.php.net/bug.php?id=75505",
"https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a",
"https://security.netapp.com/advisory/ntap-20180112-0001/",
"https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170403-0_PHP_Misbehavior_of_fsockopen_function_v10.txt"
],
"score": 7.4,
"services": [
"6379/echo"
],
"severity": "high",
"summary": "PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"weakness": "CWE-918"
},
"CVE-2017-7963": {
"id": "CVE-2017-7963",
"references": [
"https://bugs.php.net/bug.php?id=74308",
"https://bugs.php.net/bug.php?id=74308"
],
"score": 7.5,
"services": [
"6379/echo"
],
"severity": "high",
"summary": "The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating \"There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2017-8923": {
"id": "CVE-2017-8923",
"references": [
"http://www.securityfocus.com/bid/98518",
"https://bugs.php.net/bug.php?id=74577",
"http://www.securityfocus.com/bid/98518",
"https://bugs.php.net/bug.php?id=74577",
"https://security.netapp.com/advisory/ntap-20241227-0007/"
],
"score": 9.8,
"services": [
"6379/echo"
],
"severity": "critical",
"summary": "The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2017-9798": {
"id": "CVE-2017-9798",
"references": [
"http://openwall.com/lists/oss-security/2017/09/18/2",
"http://www.debian.org/security/2017/dsa-3980",
"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"http://www.securityfocus.com/bid/100872",
"http://www.securityfocus.com/bid/105598",
"http://www.securitytracker.com/id/1039387",
"https://access.redhat.com/errata/RHSA-2017:2882",
"https://access.redhat.com/errata/RHSA-2017:2972",
"https://access.redhat.com/errata/RHSA-2017:3018",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch",
"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a",
"https://github.com/hannob/optionsbleed",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security-tracker.debian.org/tracker/CVE-2017-9798",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0003/",
"https://support.apple.com/HT208331",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch",
"https://www.exploit-db.com/exploits/42745/",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"https://www.tenable.com/security/tns-2019-09",
"http://openwall.com/lists/oss-security/2017/09/18/2",
"http://www.debian.org/security/2017/dsa-3980",
"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"http://www.securityfocus.com/bid/100872",
"http://www.securityfocus.com/bid/105598",
"http://www.securitytracker.com/id/1039387",
"https://access.redhat.com/errata/RHSA-2017:2882",
"https://access.redhat.com/errata/RHSA-2017:2972",
"https://access.redhat.com/errata/RHSA-2017:3018",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch",
"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a",
"https://github.com/hannob/optionsbleed",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security-tracker.debian.org/tracker/CVE-2017-9798",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0003/",
"https://support.apple.com/HT208331",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch",
"https://www.exploit-db.com/exploits/42745/",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-416"
},
"CVE-2018-1000024": {
"id": "CVE-2018-1000024",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2018_1.txt",
"http://www.squid-cache.org/Versions/",
"https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html",
"https://usn.ubuntu.com/3557-1/",
"https://usn.ubuntu.com/4059-2/",
"https://www.debian.org/security/2018/dsa-4122",
"http://www.squid-cache.org/Advisories/SQUID-2018_1.txt",
"http://www.squid-cache.org/Versions/",
"https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html",
"https://usn.ubuntu.com/3557-1/",
"https://usn.ubuntu.com/4059-2/",
"https://www.debian.org/security/2018/dsa-4122"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2018-1000027": {
"id": "CVE-2018-1000027",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2018_2.txt",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch",
"https://github.com/squid-cache/squid/pull/129/files",
"https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html",
"https://lists.debian.org/debian-lts-announce/2018/02/msg00002.html",
"https://usn.ubuntu.com/3557-1/",
"https://usn.ubuntu.com/4059-2/",
"https://www.debian.org/security/2018/dsa-4122",
"http://www.squid-cache.org/Advisories/SQUID-2018_2.txt",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch",
"https://github.com/squid-cache/squid/pull/129/files",
"https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html",
"https://lists.debian.org/debian-lts-announce/2018/02/msg00002.html",
"https://usn.ubuntu.com/3557-1/",
"https://usn.ubuntu.com/4059-2/",
"https://www.debian.org/security/2018/dsa-4122"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2018-1000030": {
"id": "CVE-2018-1000030",
"references": [
"https://bugs.python.org/issue31530",
"https://drive.google.com/file/d/1oyR9DAZjZK_SCn3mor6NRAYLJS6ueXaY/view",
"https://security.gentoo.org/glsa/201811-02",
"https://usn.ubuntu.com/3817-1/",
"https://usn.ubuntu.com/3817-2/",
"https://www.dropbox.com/sh/sj3ee7xv55j36k7/AADwP-YfOYikBMuy32e0uvPFa?dl=0",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://bugs.python.org/issue31530",
"https://drive.google.com/file/d/1oyR9DAZjZK_SCn3mor6NRAYLJS6ueXaY/view",
"https://security.gentoo.org/glsa/201811-02",
"https://usn.ubuntu.com/3817-1/",
"https://usn.ubuntu.com/3817-2/",
"https://www.dropbox.com/sh/sj3ee7xv55j36k7/AADwP-YfOYikBMuy32e0uvPFa?dl=0",
"https://www.oracle.com/security-alerts/cpujan2020.html"
],
"score": 3.6,
"services": [
"8500/http"
],
"severity": "low",
"summary": "Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3->Malloc->Thread1->Free's->Thread2-Re-uses-Free'd Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE.",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L",
"weakness": "CWE-416"
},
"CVE-2018-1061": {
"id": "CVE-2018-1061",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://www.securitytracker.com/id/1042001",
"https://access.redhat.com/errata/RHBA-2019:0327",
"https://access.redhat.com/errata/RHSA-2018:3041",
"https://access.redhat.com/errata/RHSA-2018:3505",
"https://access.redhat.com/errata/RHSA-2019:1260",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://bugs.python.org/issue32981",
"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061",
"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1",
"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1",
"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us",
"https://usn.ubuntu.com/3817-1/",
"https://usn.ubuntu.com/3817-2/",
"https://www.debian.org/security/2018/dsa-4306",
"https://www.debian.org/security/2018/dsa-4307",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://www.securitytracker.com/id/1042001",
"https://access.redhat.com/errata/RHBA-2019:0327",
"https://access.redhat.com/errata/RHSA-2018:3041",
"https://access.redhat.com/errata/RHSA-2018:3505",
"https://access.redhat.com/errata/RHSA-2019:1260",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://bugs.python.org/issue32981",
"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061",
"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1",
"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1",
"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us",
"https://usn.ubuntu.com/3817-1/",
"https://usn.ubuntu.com/3817-2/",
"https://www.debian.org/security/2018/dsa-4306",
"https://www.debian.org/security/2018/dsa-4307"
],
"score": 6.5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"weakness": "CWE-20"
},
"CVE-2018-1172": {
"id": "CVE-2018-1172",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2018_3.txt",
"https://zerodayinitiative.com/advisories/ZDI-18-309"
],
"score": 5.9,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck(). A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Was ZDI-CAN-6088.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2018-11763": {
"id": "CVE-2018-11763",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html",
"http://www.securityfocus.com/bid/105414",
"http://www.securitytracker.com/id/1041713",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20190204-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3783-1/",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.9,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2018-1283": {
"id": "CVE-2018-1283",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/4",
"http://www.securityfocus.com/bid/103520",
"http://www.securitytracker.com/id/1040568",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/4",
"http://www.securityfocus.com/bid/103520",
"http://www.securitytracker.com/id/1040568",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a \"Session\" header. This comes from the \"HTTP_SESSION\" variable name used by mod_session to forward its data to CGIs, since the prefix \"HTTP_\" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2018-1301": {
"id": "CVE-2018-1301",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/2",
"http://www.securityfocus.com/bid/103515",
"http://www.securitytracker.com/id/1040573",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/2",
"http://www.securityfocus.com/bid/103515",
"http://www.securitytracker.com/id/1040573",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.9,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-119"
},
"CVE-2018-1302": {
"id": "CVE-2018-1302",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/5",
"http://www.securityfocus.com/bid/103528",
"http://www.securitytracker.com/id/1040567",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3783-1/",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/5",
"http://www.securityfocus.com/bid/103528",
"http://www.securitytracker.com/id/1040567",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3783-1/",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.9,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2018-1303": {
"id": "CVE-2018-1303",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/3",
"http://www.securityfocus.com/bid/103522",
"http://www.securitytracker.com/id/1040572",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/3",
"http://www.securityfocus.com/bid/103522",
"http://www.securitytracker.com/id/1040572",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-125"
},
"CVE-2018-1312": {
"id": "CVE-2018-1312",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/7",
"http://www.securityfocus.com/bid/103524",
"http://www.securitytracker.com/id/1040571",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://access.redhat.com/errata/RHSA-2019:1898",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-287"
},
"CVE-2018-1333": {
"id": "CVE-2018-1333",
"references": [
"http://www.securitytracker.com/id/1041402",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180926-0007/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3783-1/",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33).",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2018-15891": {
"id": "CVE-2018-15891",
"references": [
"https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode",
"https://www.freepbx.org/",
"https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode",
"https://www.freepbx.org/"
],
"score": 4.8,
"services": [
"443/sip-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2018-17189": {
"id": "CVE-2018-17189",
"references": [
"http://www.securityfocus.com/bid/106685",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY7SJQOO3PYFVINZW6H5EK4EZ3HSGZNM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U7N3DUEBFVGQWQEME5HTPTTKDHGHBAC6/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.gentoo.org/glsa/201903-21",
"https://security.netapp.com/advisory/ntap-20190125-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"weakness": "CWE-400"
},
"CVE-2018-17199": {
"id": "CVE-2018-17199",
"references": [
"http://www.securityfocus.com/bid/106742",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.gentoo.org/glsa/201903-21",
"https://security.netapp.com/advisory/ntap-20190125-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.tenable.com/security/tns-2019-09",
"http://www.securityfocus.com/bid/106742",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.gentoo.org/glsa/201903-21",
"https://security.netapp.com/advisory/ntap-20190125-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-384"
},
"CVE-2018-19052": {
"id": "CVE-2018-19052",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html",
"https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1",
"https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html",
"https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1",
"https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html"
],
"score": 7.5,
"services": [
"2181/http"
],
"severity": "high",
"summary": "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-22"
},
"CVE-2018-19131": {
"id": "CVE-2018-19131",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2018_4.txt",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-6feeb15ff312f3e145763adf8d234ed6a0b3f11d.patch",
"https://github.com/squid-cache/squid/pull/306",
"http://www.squid-cache.org/Advisories/SQUID-2018_4.txt",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-6feeb15ff312f3e145763adf8d234ed6a0b3f11d.patch",
"https://github.com/squid-cache/squid/pull/306"
],
"score": 6.1,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2018-19132": {
"id": "CVE-2018-19132",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2018_5.txt",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-644131ff1e00c1895d77561f561d29c104ba6b11.patch",
"https://github.com/squid-cache/squid/pull/313",
"https://lists.debian.org/debian-lts-announce/2018/11/msg00032.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://usn.ubuntu.com/4059-1/",
"http://www.squid-cache.org/Advisories/SQUID-2018_5.txt",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-644131ff1e00c1895d77561f561d29c104ba6b11.patch",
"https://github.com/squid-cache/squid/pull/313",
"https://lists.debian.org/debian-lts-announce/2018/11/msg00032.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://usn.ubuntu.com/4059-1/"
],
"score": 5.9,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-772"
},
"CVE-2018-19395": {
"id": "CVE-2018-19395",
"references": [
"http://www.securityfocus.com/bid/105989",
"https://bugs.php.net/bug.php?id=77177",
"https://security.netapp.com/advisory/ntap-20181221-0005/",
"http://www.securityfocus.com/bid/105989",
"https://bugs.php.net/bug.php?id=77177",
"https://security.netapp.com/advisory/ntap-20181221-0005/"
],
"score": 7.5,
"services": [
"6379/echo"
],
"severity": "high",
"summary": "ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM(\"WScript.Shell\").",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2018-19396": {
"id": "CVE-2018-19396",
"references": [
"http://www.securityfocus.com/bid/105989",
"https://bugs.php.net/bug.php?id=77177",
"https://security.netapp.com/advisory/ntap-20181221-0005/",
"http://www.securityfocus.com/bid/105989",
"https://bugs.php.net/bug.php?id=77177",
"https://security.netapp.com/advisory/ntap-20181221-0005/"
],
"score": 7.5,
"services": [
"6379/echo"
],
"severity": "high",
"summary": "ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-502"
},
"CVE-2018-20852": {
"id": "CVE-2018-20852",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00071.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00074.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://access.redhat.com/errata/RHSA-2019:3948",
"https://bugs.python.org/issue35121",
"https://lists.debian.org/debian-lts-announce/2019/08/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2019/08/msg00040.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/",
"https://python-security.readthedocs.io/vuln/cookie-domain-check.html",
"https://security.gentoo.org/glsa/202003-26",
"https://usn.ubuntu.com/4127-1/",
"https://usn.ubuntu.com/4127-2/",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00071.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00074.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://access.redhat.com/errata/RHSA-2019:3948",
"https://bugs.python.org/issue35121",
"https://lists.debian.org/debian-lts-announce/2019/08/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2019/08/msg00040.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/",
"https://python-security.readthedocs.io/vuln/cookie-domain-check.html",
"https://security.gentoo.org/glsa/202003-26",
"https://usn.ubuntu.com/4127-1/",
"https://usn.ubuntu.com/4127-2/",
"https://www.oracle.com/security-alerts/cpuapr2020.html"
],
"score": 5.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-20"
},
"CVE-2019-0196": {
"id": "CVE-2019-0196",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.apache.org/dist/httpd/CHANGES_2.4.39",
"http://www.openwall.com/lists/oss-security/2019/04/02/1",
"http://www.securityfocus.com/bid/107669",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/97a1c58e138ed58a364513b58d807a802e72bf6079ff81a10948ef7c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRYD6JMEJ6O3JKJZFNOYXMJJU5JMEJK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTJPHI3E3OKW7OT7COQXVG7DE7IDQ2OT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190617-0002/",
"https://support.f5.com/csp/article/K44591505",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"weakness": "CWE-416"
},
"CVE-2019-0211": {
"id": "CVE-2019-0211",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html",
"http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html",
"http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html",
"http://www.apache.org/dist/httpd/CHANGES_2.4.39",
"http://www.openwall.com/lists/oss-security/2019/04/02/3",
"http://www.openwall.com/lists/oss-security/2019/07/26/7",
"http://www.securityfocus.com/bid/107666",
"https://access.redhat.com/errata/RHBA-2019:0959",
"https://access.redhat.com/errata/RHSA-2019:0746",
"https://access.redhat.com/errata/RHSA-2019:0980",
"https://access.redhat.com/errata/RHSA-2019:1296",
"https://access.redhat.com/errata/RHSA-2019:1297",
"https://access.redhat.com/errata/RHSA-2019:1543",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e%40%3Cdev.community.apache.org%3E",
"https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28%40%3Cdev.community.apache.org%3E",
"https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e%40%3Cdev.community.apache.org%3E",
"https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/16",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.gentoo.org/glsa/201904-20",
"https://security.netapp.com/advisory/ntap-20190423-0001/",
"https://support.f5.com/csp/article/K32957101",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.exploit-db.com/exploits/46676/",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"https://www.synology.com/security/advisory/Synology_SA_19_14"
],
"score": 7.8,
"services": [
"9200/http"
],
"severity": "high",
"summary": "In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2019-0217": {
"id": "CVE-2019-0217",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.openwall.com/lists/oss-security/2019/04/02/5",
"http://www.securityfocus.com/bid/107668",
"https://access.redhat.com/errata/RHSA-2019:2343",
"https://access.redhat.com/errata/RHSA-2019:3436",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://bugzilla.redhat.com/show_bug.cgi?id=1695020",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190423-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.openwall.com/lists/oss-security/2019/04/02/5",
"http://www.securityfocus.com/bid/107668",
"https://access.redhat.com/errata/RHSA-2019:2343",
"https://access.redhat.com/errata/RHSA-2019:3436",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://bugzilla.redhat.com/show_bug.cgi?id=1695020",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190423-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-362"
},
"CVE-2019-0220": {
"id": "CVE-2019-0220",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.openwall.com/lists/oss-security/2019/04/02/6",
"http://www.securityfocus.com/bid/107670",
"https://access.redhat.com/errata/RHSA-2019:2343",
"https://access.redhat.com/errata/RHSA-2019:3436",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://access.redhat.com/errata/RHSA-2020:0250",
"https://access.redhat.com/errata/RHSA-2020:0251",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r31f46d1f16ffcafa68058596b21f6eaf6d352290e522690a1cdccdd7%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190625-0007/",
"https://support.f5.com/csp/article/K44591505",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.openwall.com/lists/oss-security/2019/04/02/6",
"http://www.securityfocus.com/bid/107670",
"https://access.redhat.com/errata/RHSA-2019:2343",
"https://access.redhat.com/errata/RHSA-2019:3436",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://access.redhat.com/errata/RHSA-2020:0250",
"https://access.redhat.com/errata/RHSA-2020:0251",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r31f46d1f16ffcafa68058596b21f6eaf6d352290e522690a1cdccdd7%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190625-0007/",
"https://support.f5.com/csp/article/K44591505",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-706"
},
"CVE-2019-10081": {
"id": "CVE-2019-10081",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://seclists.org/bugtraq/2019/Aug/47",
"https://security.gentoo.org/glsa/201909-04",
"https://security.netapp.com/advisory/ntap-20190905-0003/",
"https://support.f5.com/csp/article/K84341091?utm_source=f5support&%3Butm_medium=RSS",
"https://usn.ubuntu.com/4113-1/",
"https://www.debian.org/security/2019/dsa-4509",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with \"H2PushResource\", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-787"
},
"CVE-2019-10082": {
"id": "CVE-2019-10082",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 9.1,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"weakness": "CWE-416"
},
"CVE-2019-10092": {
"id": "CVE-2019-10092",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
"http://www.openwall.com/lists/oss-security/2019/08/15/4",
"http://www.openwall.com/lists/oss-security/2020/08/08/1",
"http://www.openwall.com/lists/oss-security/2020/08/08/9",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/",
"https://seclists.org/bugtraq/2019/Aug/47",
"https://seclists.org/bugtraq/2019/Oct/24",
"https://security.gentoo.org/glsa/201909-04",
"https://security.netapp.com/advisory/ntap-20190905-0003/",
"https://support.f5.com/csp/article/K30442259",
"https://usn.ubuntu.com/4113-1/",
"https://www.debian.org/security/2019/dsa-4509",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
"http://www.openwall.com/lists/oss-security/2019/08/15/4",
"http://www.openwall.com/lists/oss-security/2020/08/08/1",
"http://www.openwall.com/lists/oss-security/2020/08/08/9",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/",
"https://seclists.org/bugtraq/2019/Aug/47",
"https://seclists.org/bugtraq/2019/Oct/24",
"https://security.gentoo.org/glsa/201909-04",
"https://security.netapp.com/advisory/ntap-20190905-0003/",
"https://support.f5.com/csp/article/K30442259",
"https://usn.ubuntu.com/4113-1/",
"https://www.debian.org/security/2019/dsa-4509",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 6.1,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2019-10098": {
"id": "CVE-2019-10098",
"references": [
"http://www.openwall.com/lists/oss-security/2020/04/01/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"http://www.openwall.com/lists/oss-security/2020/04/01/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 6.1,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-601"
},
"CVE-2019-11072": {
"id": "CVE-2019-11072",
"references": [
"http://www.securityfocus.com/bid/107907",
"https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354",
"https://redmine.lighttpd.net/issues/2945",
"http://www.securityfocus.com/bid/107907",
"https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354",
"https://redmine.lighttpd.net/issues/2945"
],
"score": 9.8,
"services": [
"2181/http"
],
"severity": "critical",
"summary": "lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2019-12519": {
"id": "CVE-2019-12519",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://www.openwall.com/lists/oss-security/2020/04/23/1",
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12519.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://security.gentoo.org/glsa/202005-05",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://usn.ubuntu.com/4356-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://www.openwall.com/lists/oss-security/2020/04/23/1",
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12519.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://security.gentoo.org/glsa/202005-05",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://usn.ubuntu.com/4356-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 9.8,
"services": [
"27018/http-proxy"
],
"severity": "critical",
"summary": "An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2019-12520": {
"id": "CVE-2019-12520",
"references": [
"http://www.squid-cache.org/Versions/v4/",
"http://www.squid-cache.org/Versions/v4/changesets/",
"https://github.com/squid-cache/squid/commits/v4",
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12520.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://usn.ubuntu.com/4446-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://www.squid-cache.org/Versions/v4/",
"http://www.squid-cache.org/Versions/v4/changesets/",
"https://github.com/squid-cache/squid/commits/v4",
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12520.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://usn.ubuntu.com/4446-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (username and password) for certain protocols. This decoded info is prepended to the domain. This allows an attacker to provide a username that has special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a request to their domain using an encoded username, then when a request for the target domain comes in that decodes to the exact URL, it will serve the attacker's HTML instead of the real HTML. On Squid servers that also act as reverse proxies, this allows an attacker to gain access to features that only reverse proxies can use, such as ESI.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-20"
},
"CVE-2019-12521": {
"id": "CVE-2019-12521",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://www.openwall.com/lists/oss-security/2020/04/23/1",
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12521.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://security.gentoo.org/glsa/202005-05",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://usn.ubuntu.com/4356-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://www.openwall.com/lists/oss-security/2020/04/23/1",
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12521.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://security.gentoo.org/glsa/202005-05",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://usn.ubuntu.com/4356-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 5.9,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-193"
},
"CVE-2019-12522": {
"id": "CVE-2019-12522",
"references": [
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.txt",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.txt",
"https://security.netapp.com/advisory/ntap-20210205-0006/"
],
"score": 4.5,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"weakness": "CWE-269"
},
"CVE-2019-12523": {
"id": "CVE-2019-12523",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html",
"http://www.squid-cache.org/Advisories/SQUID-2019_8.txt",
"https://bugzilla.suse.com/show_bug.cgi?id=1156329",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://usn.ubuntu.com/4213-1/",
"https://usn.ubuntu.com/4446-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html",
"http://www.squid-cache.org/Advisories/SQUID-2019_8.txt",
"https://bugzilla.suse.com/show_bug.cgi?id=1156329",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://usn.ubuntu.com/4213-1/",
"https://usn.ubuntu.com/4446-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 9.1,
"services": [
"27018/http-proxy"
],
"severity": "critical",
"summary": "An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2019-12524": {
"id": "CVE-2019-12524",
"references": [
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12524.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://usn.ubuntu.com/4446-1/",
"https://www.debian.org/security/2020/dsa-4682",
"https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12524.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://security.netapp.com/advisory/ntap-20210205-0006/",
"https://usn.ubuntu.com/4446-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 9.8,
"services": [
"27018/http-proxy"
],
"severity": "critical",
"summary": "An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-306"
},
"CVE-2019-12525": {
"id": "CVE-2019-12525",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html",
"http://www.squid-cache.org/Versions/v4/changesets/",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch",
"https://github.com/squid-cache/squid/commits/v4",
"https://lists.debian.org/debian-lts-announce/2019/07/msg00018.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPXN2CLAGN5QSQBTOV5IGVLDOQSRFNTZ/",
"https://seclists.org/bugtraq/2019/Aug/42",
"https://usn.ubuntu.com/4065-1/",
"https://usn.ubuntu.com/4065-2/",
"https://www.debian.org/security/2019/dsa-4507"
],
"score": 9.8,
"services": [
"27018/http-proxy"
],
"severity": "critical",
"summary": "An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2019-12526": {
"id": "CVE-2019-12526",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2019_7.txt",
"https://bugzilla.suse.com/show_bug.cgi?id=1156326",
"https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://security.gentoo.org/glsa/202003-34",
"https://usn.ubuntu.com/4213-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://www.squid-cache.org/Advisories/SQUID-2019_7.txt",
"https://bugzilla.suse.com/show_bug.cgi?id=1156326",
"https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://security.gentoo.org/glsa/202003-34",
"https://usn.ubuntu.com/4213-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 9.8,
"services": [
"27018/http-proxy"
],
"severity": "critical",
"summary": "An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2019-12528": {
"id": "CVE-2019-12528",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://www.squid-cache.org/Advisories/SQUID-2020_2.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J/",
"https://security.gentoo.org/glsa/202003-34",
"https://usn.ubuntu.com/4289-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://www.squid-cache.org/Advisories/SQUID-2020_2.txt",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J/",
"https://security.gentoo.org/glsa/202003-34",
"https://usn.ubuntu.com/4289-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2019-12529": {
"id": "CVE-2019-12529",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html",
"http://www.squid-cache.org/Versions/v4/changesets/",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-dd46b5417809647f561d8a5e0e74c3aacd235258.patch",
"https://github.com/squid-cache/squid/commits/v4",
"https://lists.debian.org/debian-lts-announce/2019/07/msg00018.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPXN2CLAGN5QSQBTOV5IGVLDOQSRFNTZ/",
"https://seclists.org/bugtraq/2019/Aug/42",
"https://usn.ubuntu.com/4065-1/",
"https://usn.ubuntu.com/4065-2/",
"https://www.debian.org/security/2019/dsa-4507",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html",
"http://www.squid-cache.org/Versions/v4/changesets/",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-dd46b5417809647f561d8a5e0e74c3aacd235258.patch",
"https://github.com/squid-cache/squid/commits/v4",
"https://lists.debian.org/debian-lts-announce/2019/07/msg00018.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPXN2CLAGN5QSQBTOV5IGVLDOQSRFNTZ/",
"https://seclists.org/bugtraq/2019/Aug/42",
"https://usn.ubuntu.com/4065-1/",
"https://usn.ubuntu.com/4065-2/",
"https://www.debian.org/security/2019/dsa-4507"
],
"score": 5.9,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2019-13345": {
"id": "CVE-2019-13345",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00067.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html",
"http://www.securityfocus.com/bid/109095",
"https://access.redhat.com/errata/RHSA-2019:3476",
"https://bugs.squid-cache.org/show_bug.cgi?id=4957",
"https://github.com/squid-cache/squid/pull/429",
"https://lists.debian.org/debian-lts-announce/2019/07/msg00006.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPXN2CLAGN5QSQBTOV5IGVLDOQSRFNTZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X2ERPHSPUGOYVVRPQRASQBFGS2EJISFC/",
"https://seclists.org/bugtraq/2019/Aug/42",
"https://usn.ubuntu.com/4059-1/",
"https://usn.ubuntu.com/4059-2/",
"https://www.debian.org/security/2019/dsa-4507",
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00067.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html",
"http://www.securityfocus.com/bid/109095",
"https://access.redhat.com/errata/RHSA-2019:3476",
"https://bugs.squid-cache.org/show_bug.cgi?id=4957",
"https://github.com/squid-cache/squid/pull/429",
"https://lists.debian.org/debian-lts-announce/2019/07/msg00006.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPXN2CLAGN5QSQBTOV5IGVLDOQSRFNTZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X2ERPHSPUGOYVVRPQRASQBFGS2EJISFC/",
"https://seclists.org/bugtraq/2019/Aug/42",
"https://usn.ubuntu.com/4059-1/",
"https://usn.ubuntu.com/4059-2/",
"https://www.debian.org/security/2019/dsa-4507"
],
"score": 6.1,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2019-13404": {
"id": "CVE-2019-13404",
"references": [
"https://docs.python.org/2/faq/windows.html",
"https://docs.python.org/2/faq/windows.html"
],
"score": 7.8,
"services": [
"8500/http"
],
"severity": "high",
"summary": "The MSI installer for Python through 2.7.16 on Windows defaults to the C:\\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases before 3.5.) NOTE: the vendor's position is that it is the user's responsibility to ensure C:\\Python27 access control or choose a different directory, because backwards compatibility requires that C:\\Python27 remain the default for 2.7.x",
"vector_string": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"weakness": "CWE-552"
},
"CVE-2019-16056": {
"id": "CVE-2019-16056",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://access.redhat.com/errata/RHSA-2019:3948",
"https://bugs.python.org/issue34155",
"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9",
"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/",
"https://security.netapp.com/advisory/ntap-20190926-0005/",
"https://usn.ubuntu.com/4151-1/",
"https://usn.ubuntu.com/4151-2/",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://access.redhat.com/errata/RHSA-2019:3948",
"https://bugs.python.org/issue34155",
"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9",
"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/",
"https://security.netapp.com/advisory/ntap-20190926-0005/",
"https://usn.ubuntu.com/4151-1/",
"https://usn.ubuntu.com/4151-2/",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2019-17567": {
"id": "CVE-2019-17567",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/2",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/2",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-444"
},
"CVE-2019-18348": {
"id": "CVE-2019-18348",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html",
"https://bugs.python.org/issue30458#msg347282",
"https://bugzilla.redhat.com/show_bug.cgi?id=1727276",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/",
"https://security.netapp.com/advisory/ntap-20191107-0004/",
"https://usn.ubuntu.com/4333-1/",
"https://usn.ubuntu.com/4333-2/",
"https://www.oracle.com/security-alerts/cpuoct2020.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html",
"https://bugs.python.org/issue30458#msg347282",
"https://bugzilla.redhat.com/show_bug.cgi?id=1727276",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/",
"https://security.netapp.com/advisory/ntap-20191107-0004/",
"https://usn.ubuntu.com/4333-1/",
"https://usn.ubuntu.com/4333-2/",
"https://www.oracle.com/security-alerts/cpuoct2020.html"
],
"score": 6.1,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-74"
},
"CVE-2019-18676": {
"id": "CVE-2019-18676",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2019_8.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-fbbdf75efd7a5cc244b4886a9d42ea458c5a3a73.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1156329",
"https://github.com/squid-cache/squid/pull/275",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://usn.ubuntu.com/4213-1/",
"https://usn.ubuntu.com/4446-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://www.squid-cache.org/Advisories/SQUID-2019_8.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-fbbdf75efd7a5cc244b4886a9d42ea458c5a3a73.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1156329",
"https://github.com/squid-cache/squid/pull/275",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://usn.ubuntu.com/4213-1/",
"https://usn.ubuntu.com/4446-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-787"
},
"CVE-2019-18677": {
"id": "CVE-2019-18677",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2019_9.txt",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-e5f1813a674848dde570f7920873e1071f96e0b4.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-36492033ea4097821a4f7ff3ddcb971fbd1e8ba0.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1156328",
"https://github.com/squid-cache/squid/pull/427",
"https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://usn.ubuntu.com/4213-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://www.squid-cache.org/Advisories/SQUID-2019_9.txt",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-e5f1813a674848dde570f7920873e1071f96e0b4.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-36492033ea4097821a4f7ff3ddcb971fbd1e8ba0.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1156328",
"https://github.com/squid-cache/squid/pull/427",
"https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://usn.ubuntu.com/4213-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 6.1,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-352"
},
"CVE-2019-18678": {
"id": "CVE-2019-18678",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2019_10.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1156323",
"https://github.com/squid-cache/squid/pull/445",
"https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://security.gentoo.org/glsa/202003-34",
"https://usn.ubuntu.com/4213-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://www.squid-cache.org/Advisories/SQUID-2019_10.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1156323",
"https://github.com/squid-cache/squid/pull/445",
"https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://security.gentoo.org/glsa/202003-34",
"https://usn.ubuntu.com/4213-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 5.3,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-444"
},
"CVE-2019-18679": {
"id": "CVE-2019-18679",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2019_11.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1156324",
"https://github.com/squid-cache/squid/pull/491",
"https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://security.gentoo.org/glsa/202003-34",
"https://usn.ubuntu.com/4213-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://www.squid-cache.org/Advisories/SQUID-2019_11.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1156324",
"https://github.com/squid-cache/squid/pull/491",
"https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/",
"https://security.gentoo.org/glsa/202003-34",
"https://usn.ubuntu.com/4213-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2019-18860": {
"id": "CVE-2019-18860",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"https://github.com/squid-cache/squid/pull/504",
"https://github.com/squid-cache/squid/pull/505",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://usn.ubuntu.com/4356-1/",
"https://www.debian.org/security/2020/dsa-4732",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"https://github.com/squid-cache/squid/pull/504",
"https://github.com/squid-cache/squid/pull/505",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://usn.ubuntu.com/4356-1/",
"https://www.debian.org/security/2020/dsa-4732"
],
"score": 6.1,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-74"
},
"CVE-2019-19538": {
"id": "CVE-2019-19538",
"references": [
"https://community.freepbx.org/t/freepbx-security-vulnerability-sec-2019-00",
"https://wiki.freepbx.org/display/FOP/2019-12-03+Remote+Command+Execution",
"https://community.freepbx.org/t/freepbx-security-vulnerability-sec-2019-00",
"https://wiki.freepbx.org/display/FOP/2019-12-03+Remote+Command+Execution"
],
"score": 7.2,
"services": [
"443/sip-proxy"
],
"severity": "high",
"summary": "In Sangoma FreePBX 13 through 15 and sysadmin (aka System Admin) 13.0.92 through 15.0.13.6 modules have a Remote Command Execution vulnerability that results in Privilege Escalation.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2019-19851": {
"id": "CVE-2019-19851",
"references": [
"https://wiki.freepbx.org/display/FOP/2020-01-09+XSS+Injection+vulnerability+in+Superfecta+Module",
"https://wiki.freepbx.org/display/FOP/List+of+Securities+Vulnerabilities",
"https://wiki.freepbx.org/display/FOP/2020-01-09+XSS+Injection+vulnerability+in+Superfecta+Module",
"https://wiki.freepbx.org/display/FOP/List+of+Securities+Vulnerabilities"
],
"score": 4.8,
"services": [
"443/sip-proxy"
],
"severity": "medium",
"summary": "An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2019-9517": {
"id": "CVE-2019-9517",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html",
"http://www.openwall.com/lists/oss-security/2019/08/15/7",
"https://access.redhat.com/errata/RHSA-2019:2893",
"https://access.redhat.com/errata/RHSA-2019:2925",
"https://access.redhat.com/errata/RHSA-2019:2939",
"https://access.redhat.com/errata/RHSA-2019:2946",
"https://access.redhat.com/errata/RHSA-2019:2949",
"https://access.redhat.com/errata/RHSA-2019:2950",
"https://access.redhat.com/errata/RHSA-2019:2955",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"https://kb.cert.org/vuls/id/605641/",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10296",
"https://lists.apache.org/thread.html/4610762456644181b267c846423b3a990bd4aaea1886ecc7d51febdb%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/d89f999e26dfb1d50f247ead1fe8538014eb412b2dbe5be4b1a9ef50%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ec97fdfc1a859266e56fef084353a34e0a0b08901b3c1aa317a43c8c%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BP556LEG3WENHZI5TAQ6ZEBFTJB4E2IS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XHTKU7YQ5EEP2XNSAV4M4VJ7QCBOJMOD/",
"https://seclists.org/bugtraq/2019/Aug/47",
"https://security.gentoo.org/glsa/201909-04",
"https://security.netapp.com/advisory/ntap-20190823-0003/",
"https://security.netapp.com/advisory/ntap-20190823-0005/",
"https://security.netapp.com/advisory/ntap-20190905-0003/",
"https://support.f5.com/csp/article/K02591030",
"https://support.f5.com/csp/article/K02591030?utm_source=f5support&%3Butm_medium=RSS",
"https://usn.ubuntu.com/4113-1/",
"https://www.debian.org/security/2019/dsa-4509",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"https://www.synology.com/security/advisory/Synology_SA_19_33"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2019-9637": {
"id": "CVE-2019-9637",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
"https://access.redhat.com/errata/RHSA-2019:2519",
"https://access.redhat.com/errata/RHSA-2019:3299",
"https://bugs.php.net/bug.php?id=77630",
"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
"https://security.netapp.com/advisory/ntap-20190502-0007/",
"https://support.f5.com/csp/article/K53825211",
"https://usn.ubuntu.com/3922-1/",
"https://usn.ubuntu.com/3922-2/",
"https://usn.ubuntu.com/3922-3/",
"https://www.debian.org/security/2019/dsa-4403",
"https://www.tenable.com/security/tns-2019-07",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
"https://access.redhat.com/errata/RHSA-2019:2519",
"https://access.redhat.com/errata/RHSA-2019:3299",
"https://bugs.php.net/bug.php?id=77630",
"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
"https://security.netapp.com/advisory/ntap-20190502-0007/",
"https://support.f5.com/csp/article/K53825211",
"https://usn.ubuntu.com/3922-1/",
"https://usn.ubuntu.com/3922-2/",
"https://usn.ubuntu.com/3922-3/",
"https://www.debian.org/security/2019/dsa-4403",
"https://www.tenable.com/security/tns-2019-07"
],
"score": 7.5,
"services": [
"6379/echo"
],
"severity": "high",
"summary": "An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-264"
},
"CVE-2019-9638": {
"id": "CVE-2019-9638",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
"https://access.redhat.com/errata/RHSA-2019:2519",
"https://access.redhat.com/errata/RHSA-2019:3299",
"https://bugs.php.net/bug.php?id=77563",
"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
"https://security.netapp.com/advisory/ntap-20190502-0007/",
"https://usn.ubuntu.com/3922-1/",
"https://usn.ubuntu.com/3922-2/",
"https://usn.ubuntu.com/3922-3/",
"https://www.debian.org/security/2019/dsa-4403",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
"https://access.redhat.com/errata/RHSA-2019:2519",
"https://access.redhat.com/errata/RHSA-2019:3299",
"https://bugs.php.net/bug.php?id=77563",
"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
"https://security.netapp.com/advisory/ntap-20190502-0007/",
"https://usn.ubuntu.com/3922-1/",
"https://usn.ubuntu.com/3922-2/",
"https://usn.ubuntu.com/3922-3/",
"https://www.debian.org/security/2019/dsa-4403"
],
"score": 7.5,
"services": [
"6379/echo"
],
"severity": "high",
"summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2019-9639": {
"id": "CVE-2019-9639",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
"https://access.redhat.com/errata/RHSA-2019:2519",
"https://access.redhat.com/errata/RHSA-2019:3299",
"https://bugs.php.net/bug.php?id=77659",
"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
"https://security.netapp.com/advisory/ntap-20190502-0007/",
"https://usn.ubuntu.com/3922-1/",
"https://usn.ubuntu.com/3922-2/",
"https://usn.ubuntu.com/3922-3/",
"https://www.debian.org/security/2019/dsa-4403",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
"https://access.redhat.com/errata/RHSA-2019:2519",
"https://access.redhat.com/errata/RHSA-2019:3299",
"https://bugs.php.net/bug.php?id=77659",
"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
"https://security.netapp.com/advisory/ntap-20190502-0007/",
"https://usn.ubuntu.com/3922-1/",
"https://usn.ubuntu.com/3922-2/",
"https://usn.ubuntu.com/3922-3/",
"https://www.debian.org/security/2019/dsa-4403"
],
"score": 7.5,
"services": [
"6379/echo"
],
"severity": "high",
"summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-908"
},
"CVE-2019-9641": {
"id": "CVE-2019-9641",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
"https://bugs.php.net/bug.php?id=77509",
"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
"https://security.netapp.com/advisory/ntap-20190502-0007/",
"https://usn.ubuntu.com/3922-1/",
"https://usn.ubuntu.com/3922-2/",
"https://usn.ubuntu.com/3922-3/",
"https://www.debian.org/security/2019/dsa-4403",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
"https://bugs.php.net/bug.php?id=77509",
"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
"https://security.netapp.com/advisory/ntap-20190502-0007/",
"https://usn.ubuntu.com/3922-1/",
"https://usn.ubuntu.com/3922-2/",
"https://usn.ubuntu.com/3922-3/",
"https://www.debian.org/security/2019/dsa-4403"
],
"score": 9.8,
"services": [
"6379/echo"
],
"severity": "critical",
"summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-908"
},
"CVE-2019-9674": {
"id": "CVE-2019-9674",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html",
"https://bugs.python.org/issue36260",
"https://bugs.python.org/issue36462",
"https://github.com/python/cpython/blob/master/Lib/zipfile.py",
"https://python-security.readthedocs.io/security.html#archives-and-zip-bomb",
"https://security.netapp.com/advisory/ntap-20200221-0003/",
"https://usn.ubuntu.com/4428-1/",
"https://www.python.org/news/security/",
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html",
"https://bugs.python.org/issue36260",
"https://bugs.python.org/issue36462",
"https://github.com/python/cpython/blob/master/Lib/zipfile.py",
"https://python-security.readthedocs.io/security.html#archives-and-zip-bomb",
"https://security.netapp.com/advisory/ntap-20200221-0003/",
"https://usn.ubuntu.com/4428-1/",
"https://www.python.org/news/security/"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2019-9740": {
"id": "CVE-2019-9740",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html",
"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html",
"http://www.openwall.com/lists/oss-security/2021/02/04/2",
"http://www.securityfocus.com/bid/107466",
"https://access.redhat.com/errata/RHSA-2019:1260",
"https://access.redhat.com/errata/RHSA-2019:2030",
"https://access.redhat.com/errata/RHSA-2019:3335",
"https://access.redhat.com/errata/RHSA-2019:3520",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://bugs.python.org/issue36276",
"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html",
"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://seclists.org/bugtraq/2019/Oct/29",
"https://security.gentoo.org/glsa/202003-26",
"https://security.netapp.com/advisory/ntap-20190619-0005/",
"https://usn.ubuntu.com/4127-1/",
"https://usn.ubuntu.com/4127-2/",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html",
"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html",
"http://www.openwall.com/lists/oss-security/2021/02/04/2",
"http://www.securityfocus.com/bid/107466",
"https://access.redhat.com/errata/RHSA-2019:1260",
"https://access.redhat.com/errata/RHSA-2019:2030",
"https://access.redhat.com/errata/RHSA-2019:3335",
"https://access.redhat.com/errata/RHSA-2019:3520",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://bugs.python.org/issue36276",
"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html",
"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://seclists.org/bugtraq/2019/Oct/29",
"https://security.gentoo.org/glsa/202003-26",
"https://security.netapp.com/advisory/ntap-20190619-0005/",
"https://usn.ubuntu.com/4127-1/",
"https://usn.ubuntu.com/4127-2/",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 6.1,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-93"
},
"CVE-2019-9948": {
"id": "CVE-2019-9948",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html",
"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html",
"http://www.securityfocus.com/bid/107549",
"https://access.redhat.com/errata/RHSA-2019:1700",
"https://access.redhat.com/errata/RHSA-2019:2030",
"https://access.redhat.com/errata/RHSA-2019:3335",
"https://access.redhat.com/errata/RHSA-2019:3520",
"https://bugs.python.org/issue35907",
"https://github.com/python/cpython/pull/11842",
"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2019/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/",
"https://seclists.org/bugtraq/2019/Oct/29",
"https://security.gentoo.org/glsa/202003-26",
"https://security.netapp.com/advisory/ntap-20190404-0004/",
"https://usn.ubuntu.com/4127-1/",
"https://usn.ubuntu.com/4127-2/",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html",
"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html",
"http://www.securityfocus.com/bid/107549",
"https://access.redhat.com/errata/RHSA-2019:1700",
"https://access.redhat.com/errata/RHSA-2019:2030",
"https://access.redhat.com/errata/RHSA-2019:3335",
"https://access.redhat.com/errata/RHSA-2019:3520",
"https://bugs.python.org/issue35907",
"https://github.com/python/cpython/pull/11842",
"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2019/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/",
"https://seclists.org/bugtraq/2019/Oct/29",
"https://security.gentoo.org/glsa/202003-26",
"https://security.netapp.com/advisory/ntap-20190404-0004/",
"https://usn.ubuntu.com/4127-1/",
"https://usn.ubuntu.com/4127-2/"
],
"score": 9.1,
"services": [
"8500/http"
],
"severity": "critical",
"summary": "urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"weakness": "CWE-22"
},
"CVE-2020-11945": {
"id": "CVE-2020-11945",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://master.squid-cache.org/Versions/v4/changesets/squid-4-eeebf0f37a72a2de08348e85ae34b02c34e9a811.patch",
"http://www.openwall.com/lists/oss-security/2020/04/23/2",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-eeebf0f37a72a2de08348e85ae34b02c34e9a811.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1170313",
"https://github.com/squid-cache/squid/commit/eeebf0f37a72a2de08348e85ae34b02c34e9a811",
"https://github.com/squid-cache/squid/pull/585",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FWQRYZJPHAZBLXJ56FPCHJN5X2FP3VA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4MWXEZAJSOGRJSS2JCJK4WBSND4IV46/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RV2VZWFJNO3B56IVN56HHKJASG5DYUIX/",
"https://security.gentoo.org/glsa/202005-05",
"https://security.netapp.com/advisory/ntap-20210304-0004/",
"https://usn.ubuntu.com/4356-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://master.squid-cache.org/Versions/v4/changesets/squid-4-eeebf0f37a72a2de08348e85ae34b02c34e9a811.patch",
"http://www.openwall.com/lists/oss-security/2020/04/23/2",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-eeebf0f37a72a2de08348e85ae34b02c34e9a811.patch",
"https://bugzilla.suse.com/show_bug.cgi?id=1170313",
"https://github.com/squid-cache/squid/commit/eeebf0f37a72a2de08348e85ae34b02c34e9a811",
"https://github.com/squid-cache/squid/pull/585",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FWQRYZJPHAZBLXJ56FPCHJN5X2FP3VA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4MWXEZAJSOGRJSS2JCJK4WBSND4IV46/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RV2VZWFJNO3B56IVN56HHKJASG5DYUIX/",
"https://security.gentoo.org/glsa/202005-05",
"https://security.netapp.com/advisory/ntap-20210304-0004/",
"https://usn.ubuntu.com/4356-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 9.8,
"services": [
"27018/http-proxy"
],
"severity": "critical",
"summary": "An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials).",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2020-11993": {
"id": "CVE-2020-11993",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00081.html",
"http://packetstormsecurity.com/files/160393/Apache-2-HTTP2-Module-Concurrent-Pool-Usage.html",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/",
"https://security.gentoo.org/glsa/202008-04",
"https://security.netapp.com/advisory/ntap-20200814-0005/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpujan2021.html",
"https://www.oracle.com/security-alerts/cpuoct2020.html"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above \"info\" will mitigate this vulnerability for unpatched servers.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-444"
},
"CVE-2020-13938": {
"id": "CVE-2020-13938",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/3",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/3",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20210702-0001/"
],
"score": 5.5,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-862"
},
"CVE-2020-14058": {
"id": "CVE-2020-14058",
"references": [
"http://www.squid-cache.org/Advisories/SQUID-2020_6.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-93f5fda134a2a010b84ffedbe833d670e63ba4be.patch",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-c6d1a4f6a2cbebceebc8a3fcd8f539ceb7b7f723.patch",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3RG5FGSTCAYVIJPJHIY3MRZ7NFT6HDO7/",
"https://security.netapp.com/advisory/ntap-20210312-0001/",
"http://www.squid-cache.org/Advisories/SQUID-2020_6.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-93f5fda134a2a010b84ffedbe833d670e63ba4be.patch",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-c6d1a4f6a2cbebceebc8a3fcd8f539ceb7b7f723.patch",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3RG5FGSTCAYVIJPJHIY3MRZ7NFT6HDO7/",
"https://security.netapp.com/advisory/ntap-20210312-0001/"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2020-15049": {
"id": "CVE-2020-15049",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-ea12a34d338b962707d5078d6d1fc7c6eb119a22.patch",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-485c9a7bb1bba88754e07ad0094647ea57a6eb8d.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5",
"https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3RG5FGSTCAYVIJPJHIY3MRZ7NFT6HDO7/",
"https://security.netapp.com/advisory/ntap-20210312-0001/",
"https://usn.ubuntu.com/4551-1/",
"https://www.debian.org/security/2020/dsa-4732",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-ea12a34d338b962707d5078d6d1fc7c6eb119a22.patch",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-485c9a7bb1bba88754e07ad0094647ea57a6eb8d.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5",
"https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3RG5FGSTCAYVIJPJHIY3MRZ7NFT6HDO7/",
"https://security.netapp.com/advisory/ntap-20210312-0001/",
"https://usn.ubuntu.com/4551-1/",
"https://www.debian.org/security/2020/dsa-4732"
],
"score": 9.9,
"services": [
"27018/http-proxy"
],
"severity": "critical",
"summary": "An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing \"+\\ \"-\" or an uncommon shell whitespace character prefix to the length field-value.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2020-15810": {
"id": "CVE-2020-15810",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html",
"https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m",
"https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/",
"https://security.netapp.com/advisory/ntap-20210219-0007/",
"https://security.netapp.com/advisory/ntap-20210226-0006/",
"https://security.netapp.com/advisory/ntap-20210226-0007/",
"https://usn.ubuntu.com/4477-1/",
"https://usn.ubuntu.com/4551-1/",
"https://www.debian.org/security/2020/dsa-4751",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html",
"https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m",
"https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/",
"https://security.netapp.com/advisory/ntap-20210219-0007/",
"https://security.netapp.com/advisory/ntap-20210226-0006/",
"https://security.netapp.com/advisory/ntap-20210226-0007/",
"https://usn.ubuntu.com/4477-1/",
"https://usn.ubuntu.com/4551-1/",
"https://www.debian.org/security/2020/dsa-4751"
],
"score": 6.5,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
},
"CVE-2020-15811": {
"id": "CVE-2020-15811",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html",
"https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv",
"https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/",
"https://security.netapp.com/advisory/ntap-20210219-0007/",
"https://security.netapp.com/advisory/ntap-20210226-0006/",
"https://security.netapp.com/advisory/ntap-20210226-0007/",
"https://usn.ubuntu.com/4477-1/",
"https://usn.ubuntu.com/4551-1/",
"https://www.debian.org/security/2020/dsa-4751",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html",
"https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv",
"https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/",
"https://security.netapp.com/advisory/ntap-20210219-0007/",
"https://security.netapp.com/advisory/ntap-20210226-0006/",
"https://security.netapp.com/advisory/ntap-20210226-0007/",
"https://usn.ubuntu.com/4477-1/",
"https://usn.ubuntu.com/4551-1/",
"https://www.debian.org/security/2020/dsa-4751"
],
"score": 6.5,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-697"
},
"CVE-2020-1927": {
"id": "CVE-2020-1927",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
"http://www.openwall.com/lists/oss-security/2020/04/03/1",
"http://www.openwall.com/lists/oss-security/2020/04/04/1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.netapp.com/advisory/ntap-20200413-0002/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
"http://www.openwall.com/lists/oss-security/2020/04/03/1",
"http://www.openwall.com/lists/oss-security/2020/04/04/1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.netapp.com/advisory/ntap-20200413-0002/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 6.1,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-601"
},
"CVE-2020-1934": {
"id": "CVE-2020-1934",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.netapp.com/advisory/ntap-20200413-0002/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.netapp.com/advisory/ntap-20200413-0002/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpujul2020.html"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-908"
},
"CVE-2020-24606": {
"id": "CVE-2020-24606",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_9.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg",
"https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/",
"https://security.netapp.com/advisory/ntap-20210219-0007/",
"https://security.netapp.com/advisory/ntap-20210226-0006/",
"https://security.netapp.com/advisory/ntap-20210226-0007/",
"https://usn.ubuntu.com/4477-1/",
"https://usn.ubuntu.com/4551-1/",
"https://www.debian.org/security/2020/dsa-4751",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_9.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg",
"https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/",
"https://security.netapp.com/advisory/ntap-20210219-0007/",
"https://security.netapp.com/advisory/ntap-20210226-0006/",
"https://security.netapp.com/advisory/ntap-20210226-0007/",
"https://usn.ubuntu.com/4477-1/",
"https://usn.ubuntu.com/4551-1/",
"https://www.debian.org/security/2020/dsa-4751"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"weakness": "CWE-667"
},
"CVE-2020-25097": {
"id": "CVE-2020-25097",
"references": [
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_11.patch",
"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2020_11.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-jvf6-h9gj-pmj6",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJMDRVV677AJL4BZAOLCT5LMFCGBZTC2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FBXFWKIGXPERDVQXG556LLPUOCMQGERC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RYBDMJCPYGOSURWDR3WJTE474UFT77/",
"https://security.gentoo.org/glsa/202105-14",
"https://security.netapp.com/advisory/ntap-20210727-0010/",
"https://www.debian.org/security/2021/dsa-4873",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_11.patch",
"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2020_11.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-jvf6-h9gj-pmj6",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJMDRVV677AJL4BZAOLCT5LMFCGBZTC2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FBXFWKIGXPERDVQXG556LLPUOCMQGERC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RYBDMJCPYGOSURWDR3WJTE474UFT77/",
"https://security.gentoo.org/glsa/202105-14",
"https://security.netapp.com/advisory/ntap-20210727-0010/",
"https://www.debian.org/security/2021/dsa-4873"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"weakness": "CWE-20"
},
"CVE-2020-35452": {
"id": "CVE-2020-35452",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/5",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/5",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 7.3,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"weakness": "CWE-787"
},
"CVE-2020-8449": {
"id": "CVE-2020-8449",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html",
"http://www.squid-cache.org/Advisories/SQUID-2020_1.txt",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patch",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8e657e835965c3a011375feaa0359921c5b3e2dd.patch",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-d8e4715992d0e530871519549add5519cbac0598.patch",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J/",
"https://security.gentoo.org/glsa/202003-34",
"https://security.netapp.com/advisory/ntap-20210304-0002/",
"https://usn.ubuntu.com/4289-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html",
"http://www.squid-cache.org/Advisories/SQUID-2020_1.txt",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patch",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8e657e835965c3a011375feaa0359921c5b3e2dd.patch",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-d8e4715992d0e530871519549add5519cbac0598.patch",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J/",
"https://security.gentoo.org/glsa/202003-34",
"https://security.netapp.com/advisory/ntap-20210304-0002/",
"https://usn.ubuntu.com/4289-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-668"
},
"CVE-2020-8450": {
"id": "CVE-2020-8450",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html",
"http://www.squid-cache.org/Advisories/SQUID-2020_1.txt",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patch",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8e657e835965c3a011375feaa0359921c5b3e2dd.patch",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-d8e4715992d0e530871519549add5519cbac0598.patch",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J/",
"https://security.gentoo.org/glsa/202003-34",
"https://security.netapp.com/advisory/ntap-20210304-0002/",
"https://usn.ubuntu.com/4289-1/",
"https://www.debian.org/security/2020/dsa-4682",
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html",
"http://www.squid-cache.org/Advisories/SQUID-2020_1.txt",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patch",
"http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8e657e835965c3a011375feaa0359921c5b3e2dd.patch",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-d8e4715992d0e530871519549add5519cbac0598.patch",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J/",
"https://security.gentoo.org/glsa/202003-34",
"https://security.netapp.com/advisory/ntap-20210304-0002/",
"https://usn.ubuntu.com/4289-1/",
"https://www.debian.org/security/2020/dsa-4682"
],
"score": 7.3,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"weakness": "CWE-131"
},
"CVE-2020-8517": {
"id": "CVE-2020-8517",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://www.squid-cache.org/Advisories/SQUID-2020_3.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-6982f1187a26557e582172965e266f544ea562a5.patch",
"https://security.gentoo.org/glsa/202003-34",
"https://security.netapp.com/advisory/ntap-20210304-0002/",
"https://usn.ubuntu.com/4289-1/",
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html",
"http://www.squid-cache.org/Advisories/SQUID-2020_3.txt",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-6982f1187a26557e582172965e266f544ea562a5.patch",
"https://security.gentoo.org/glsa/202003-34",
"https://security.netapp.com/advisory/ntap-20210304-0002/",
"https://usn.ubuntu.com/4289-1/"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-20"
},
"CVE-2020-9490": {
"id": "CVE-2020-9490",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00081.html",
"http://packetstormsecurity.com/files/160392/Apache-2.4.43-mod_http2-Memory-Corruption.html",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0b6541c5fb2f8fb383861333400add7def625bc993300300de0b4f8d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r97d0faab6ed8fd0d439234b16d05d77b22a07b0c4817e7b3cca419cc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e485ce5a01c9dc3d4d785a7d28aa7400ead1e81884034ff1f03cfee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra4da876037477c06f2677d7a1e10b5a8613000fca99c813958070fe9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfed9fea918e090383da33e393eb6c2755fccf05032bd7d6eb4737c9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/",
"https://security.gentoo.org/glsa/202008-04",
"https://security.netapp.com/advisory/ntap-20200814-0005/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpujan2021.html",
"https://www.oracle.com/security-alerts/cpuoct2020.html"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via \"H2Push off\" will mitigate this vulnerability for unpatched servers.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-444"
},
"CVE-2021-23336": {
"id": "CVE-2021-23336",
"references": [
"http://www.openwall.com/lists/oss-security/2021/02/19/4",
"http://www.openwall.com/lists/oss-security/2021/05/01/2",
"https://github.com/python/cpython/pull/24297",
"https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367%40%3Cusers.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E",
"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/",
"https://security.gentoo.org/glsa/202104-04",
"https://security.netapp.com/advisory/ntap-20210326-0004/",
"https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/",
"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933",
"https://www.oracle.com//security-alerts/cpujul2021.html",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://www.openwall.com/lists/oss-security/2021/02/19/4",
"http://www.openwall.com/lists/oss-security/2021/05/01/2",
"https://github.com/python/cpython/pull/24297",
"https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367%40%3Cusers.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E",
"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/",
"https://security.gentoo.org/glsa/202104-04",
"https://security.netapp.com/advisory/ntap-20210326-0004/",
"https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/",
"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933",
"https://www.oracle.com//security-alerts/cpujul2021.html",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 5.9,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H",
"weakness": "CWE-444"
},
"CVE-2021-26690": {
"id": "CVE-2021-26690",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/6",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/6",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2021-26691": {
"id": "CVE-2021-26691",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/7",
"https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/7",
"https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-122"
},
"CVE-2021-28116": {
"id": "CVE-2021-28116",
"references": [
"http://www.openwall.com/lists/oss-security/2021/10/04/1",
"http://www.squid-cache.org/Versions/",
"https://github.com/squid-cache/squid/security/advisories/GHSA-rgf3-9v3p-qp82",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.gentoo.org/glsa/202105-14",
"https://www.debian.org/security/2022/dsa-5171",
"https://www.zerodayinitiative.com/advisories/ZDI-21-157/",
"http://www.openwall.com/lists/oss-security/2021/10/04/1",
"http://www.squid-cache.org/Versions/",
"https://github.com/squid-cache/squid/security/advisories/GHSA-rgf3-9v3p-qp82",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.gentoo.org/glsa/202105-14",
"https://www.debian.org/security/2022/dsa-5171",
"https://www.zerodayinitiative.com/advisories/ZDI-21-157/"
],
"score": 3.7,
"services": [
"27018/http-proxy"
],
"severity": "low",
"summary": "Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2021-28651": {
"id": "CVE-2021-28651",
"references": [
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"https://bugs.squid-cache.org/show_bug.cgi?id=5104",
"https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.netapp.com/advisory/ntap-20210716-0007/",
"https://www.debian.org/security/2021/dsa-4924",
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"https://bugs.squid-cache.org/show_bug.cgi?id=5104",
"https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.netapp.com/advisory/ntap-20210716-0007/",
"https://www.debian.org/security/2021/dsa-4924"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-401"
},
"CVE-2021-28652": {
"id": "CVE-2021-28652",
"references": [
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"https://bugs.squid-cache.org/show_bug.cgi?id=5106",
"https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://www.debian.org/security/2021/dsa-4924",
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"https://bugs.squid-cache.org/show_bug.cgi?id=5106",
"https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://www.debian.org/security/2021/dsa-4924"
],
"score": 4.9,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cache Manager API access privilege.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-401"
},
"CVE-2021-31806": {
"id": "CVE-2021-31806",
"references": [
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.netapp.com/advisory/ntap-20210716-0007/",
"https://www.debian.org/security/2021/dsa-4924",
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.netapp.com/advisory/ntap-20210716-0007/",
"https://www.debian.org/security/2021/dsa-4924"
],
"score": 6.5,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-116"
},
"CVE-2021-31807": {
"id": "CVE-2021-31807",
"references": [
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.netapp.com/advisory/ntap-20210716-0007/",
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.netapp.com/advisory/ntap-20210716-0007/"
],
"score": 6.5,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-190"
},
"CVE-2021-31808": {
"id": "CVE-2021-31808",
"references": [
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.netapp.com/advisory/ntap-20210716-0007/",
"https://www.debian.org/security/2021/dsa-4924",
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"https://security.netapp.com/advisory/ntap-20210716-0007/",
"https://www.debian.org/security/2021/dsa-4924"
],
"score": 6.5,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-190"
},
"CVE-2021-32036": {
"id": "CVE-2021-32036",
"references": [
"https://jira.mongodb.org/browse/SERVER-59294",
"https://jira.mongodb.org/browse/SERVER-59294"
],
"score": 5.4,
"services": [
"27017/mongodb"
],
"severity": "medium",
"summary": "An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.3; MongoDB Server v4.4 versions prior to and including 4.4.9; MongoDB Server v4.2 versions prior to and including 4.2.16 and MongoDB Server v4.0 versions prior to and including 4.0.28",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"weakness": "CWE-770"
},
"CVE-2021-33193": {
"id": "CVE-2021-33193",
"references": [
"https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch",
"https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/",
"https://portswigger.net/research/http2",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20210917-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2021-33620": {
"id": "CVE-2021-33620",
"references": [
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-1e05a85bd28c22c9ca5d3ac9f5e86d6269ec0a8c.patch",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-8af775ed98bfd610f9ce762fe177e01b2675588c.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/",
"http://seclists.org/fulldisclosure/2023/Oct/14",
"http://www.openwall.com/lists/oss-security/2023/10/11/3",
"http://www.squid-cache.org/Versions/v4/changesets/squid-4-1e05a85bd28c22c9ca5d3ac9f5e86d6269ec0a8c.patch",
"http://www.squid-cache.org/Versions/v5/changesets/squid-5-8af775ed98bfd610f9ce762fe177e01b2675588c.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f",
"https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/"
],
"score": 6.5,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-20"
},
"CVE-2021-3426": {
"id": "CVE-2021-3426",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=1935913",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/",
"https://security.gentoo.org/glsa/202104-04",
"https://security.netapp.com/advisory/ntap-20210629-0003/",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=1935913",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/",
"https://security.gentoo.org/glsa/202104-04",
"https://security.netapp.com/advisory/ntap-20210629-0003/",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 5.7,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.",
"vector_string": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2021-34798": {
"id": "CVE-2021-34798",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2021-3733": {
"id": "CVE-2021-3733",
"references": [
"https://bugs.python.org/issue43075",
"https://bugzilla.redhat.com/show_bug.cgi?id=1995234",
"https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb",
"https://github.com/python/cpython/pull/24391",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://security.netapp.com/advisory/ntap-20220407-0001/",
"https://ubuntu.com/security/CVE-2021-3733",
"https://bugs.python.org/issue43075",
"https://bugzilla.redhat.com/show_bug.cgi?id=1995234",
"https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb",
"https://github.com/python/cpython/pull/24391",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://security.netapp.com/advisory/ntap-20220407-0001/",
"https://ubuntu.com/security/CVE-2021-3733"
],
"score": 6.5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2021-39275": {
"id": "CVE-2021-39275",
"references": [
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2021-40438": {
"id": "CVE-2021-40438",
"references": [
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17"
],
"score": 9,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"weakness": "CWE-918"
},
"CVE-2021-44224": {
"id": "CVE-2021-44224",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/3",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/3",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03"
],
"score": 8.2,
"services": [
"9200/http"
],
"severity": "high",
"summary": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"weakness": "CWE-476"
},
"CVE-2021-44790": {
"id": "CVE-2021-44790",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/4",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/4",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2021-46784": {
"id": "CVE-2021-46784",
"references": [
"http://www.openwall.com/lists/oss-security/2023/10/13/1",
"http://www.openwall.com/lists/oss-security/2023/10/13/10",
"http://www.openwall.com/lists/oss-security/2023/10/21/1",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2021_7.patch",
"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch",
"https://github.com/squid-cache/squid/commit/5e2ea2b13bd98f53e29964ca26bb0d602a8a12b9",
"https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w",
"https://security-tracker.debian.org/tracker/CVE-2021-46784",
"https://security.netapp.com/advisory/ntap-20221223-0007/",
"http://www.openwall.com/lists/oss-security/2023/10/13/1",
"http://www.openwall.com/lists/oss-security/2023/10/13/10",
"http://www.openwall.com/lists/oss-security/2023/10/21/1",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2021_7.patch",
"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch",
"https://github.com/squid-cache/squid/commit/5e2ea2b13bd98f53e29964ca26bb0d602a8a12b9",
"https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w",
"https://security-tracker.debian.org/tracker/CVE-2021-46784",
"https://security.netapp.com/advisory/ntap-20221223-0007/"
],
"score": 6.5,
"services": [
"27018/http-proxy"
],
"severity": "medium",
"summary": "In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-617"
},
"CVE-2022-0391": {
"id": "CVE-2022-0391",
"references": [
"https://bugs.python.org/issue43882",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20220225-0009/",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://bugs.python.org/issue43882",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20220225-0009/",
"https://www.oracle.com/security-alerts/cpuapr2022.html"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-74"
},
"CVE-2022-22719": {
"id": "CVE-2022-22719",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-665"
},
"CVE-2022-22720": {
"id": "CVE-2022-22720",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2022-22721": {
"id": "CVE-2022-22721",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 9.1,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2022-23943": {
"id": "CVE-2022-23943",
"references": [
"http://www.openwall.com/lists/oss-security/2022/03/14/1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.tenable.com/security/tns-2022-08",
"https://www.tenable.com/security/tns-2022-09",
"http://www.openwall.com/lists/oss-security/2022/03/14/1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.tenable.com/security/tns-2022-08",
"https://www.tenable.com/security/tns-2022-09"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2022-26377": {
"id": "CVE-2022-26377",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
},
"CVE-2022-26488": {
"id": "CVE-2022-26488",
"references": [
"https://mail.python.org/archives/list/security-announce%40python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/",
"https://security.netapp.com/advisory/ntap-20220419-0005/",
"https://mail.python.org/archives/list/security-announce%40python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/",
"https://security.netapp.com/advisory/ntap-20220419-0005/"
],
"score": 7,
"services": [
"8500/http"
],
"severity": "high",
"summary": "In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-426"
},
"CVE-2022-28330": {
"id": "CVE-2022-28330",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2022-28614": {
"id": "CVE-2022-28614",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-190"
},
"CVE-2022-28615": {
"id": "CVE-2022-28615",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 9.1,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"weakness": "CWE-190"
},
"CVE-2022-29404": {
"id": "CVE-2022-29404",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/5",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/5",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2022-30556": {
"id": "CVE-2022-30556",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2022-31628": {
"id": "CVE-2022-31628",
"references": [
"https://bugs.php.net/bug.php?id=81726",
"https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
"https://security.gentoo.org/glsa/202211-03",
"https://security.netapp.com/advisory/ntap-20221209-0001/",
"https://www.debian.org/security/2022/dsa-5277",
"https://bugs.php.net/bug.php?id=81726",
"https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
"https://security.gentoo.org/glsa/202211-03",
"https://security.netapp.com/advisory/ntap-20221209-0001/",
"https://www.debian.org/security/2022/dsa-5277"
],
"score": 2.3,
"services": [
"6379/echo"
],
"severity": "low",
"summary": "In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress \"quines\" gzip files, resulting in an infinite loop.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"weakness": "CWE-674"
},
"CVE-2022-31629": {
"id": "CVE-2022-31629",
"references": [
"http://www.openwall.com/lists/oss-security/2024/04/12/11",
"https://bugs.php.net/bug.php?id=81727",
"https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/",
"https://security.gentoo.org/glsa/202211-03",
"https://security.netapp.com/advisory/ntap-20221209-0001/",
"https://www.debian.org/security/2022/dsa-5277",
"http://www.openwall.com/lists/oss-security/2024/04/12/11",
"https://bugs.php.net/bug.php?id=81727",
"https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/",
"https://security.gentoo.org/glsa/202211-03",
"https://security.netapp.com/advisory/ntap-20221209-0001/",
"https://www.debian.org/security/2022/dsa-5277"
],
"score": 6.5,
"services": [
"6379/echo"
],
"severity": "medium",
"summary": "In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"weakness": "CWE-20"
},
"CVE-2022-31681": {
"id": "CVE-2022-31681",
"references": [
"https://www.vmware.com/security/advisories/VMSA-2022-0025.html"
],
"score": 6.5,
"services": [
"443/sip-proxy"
],
"severity": "medium",
"summary": "VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2022-31813": {
"id": "CVE-2022-31813",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/8",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/8",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-348"
},
"CVE-2022-36760": {
"id": "CVE-2022-36760",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2022-37436": {
"id": "CVE-2022-37436",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 5.3,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-113"
},
"CVE-2022-41318": {
"id": "CVE-2022-41318",
"references": [
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch",
"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78",
"https://www.openwall.com/lists/oss-security/2022/09/23/2",
"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch",
"http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78",
"https://www.openwall.com/lists/oss-security/2022/09/23/2"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"weakness": "CWE-190"
},
"CVE-2022-45061": {
"id": "CVE-2022-45061",
"references": [
"https://github.com/python/cpython/issues/98433",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20221209-0007/",
"https://github.com/python/cpython/issues/98433",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20221209-0007/"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-407"
},
"CVE-2022-48560": {
"id": "CVE-2022-48560",
"references": [
"https://bugs.python.org/issue39421",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/",
"https://security.netapp.com/advisory/ntap-20230929-0008/",
"https://bugs.python.org/issue39421",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/",
"https://security.netapp.com/advisory/ntap-20230929-0008/"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "A use-after-free exists in Python through 3.9 via heappushpop in heapq.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-416"
},
"CVE-2022-48564": {
"id": "CVE-2022-48564",
"references": [
"https://bugs.python.org/issue42103",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://security.netapp.com/advisory/ntap-20230929-0009/",
"https://bugs.python.org/issue42103",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://security.netapp.com/advisory/ntap-20230929-0009/"
],
"score": 6.5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2022-48565": {
"id": "CVE-2022-48565",
"references": [
"https://bugs.python.org/issue42051",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/",
"https://security.netapp.com/advisory/ntap-20231006-0007/",
"https://bugs.python.org/issue42051",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/",
"https://security.netapp.com/advisory/ntap-20231006-0007/"
],
"score": 9.8,
"services": [
"8500/http"
],
"severity": "critical",
"summary": "An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-611"
},
"CVE-2022-48566": {
"id": "CVE-2022-48566",
"references": [
"https://bugs.python.org/issue40791",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://security.netapp.com/advisory/ntap-20231006-0013/",
"https://bugs.python.org/issue40791",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://security.netapp.com/advisory/ntap-20231006-0013/"
],
"score": 5.9,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-362"
},
"CVE-2023-24329": {
"id": "CVE-2023-24329",
"references": [
"https://github.com/python/cpython/issues/102153",
"https://github.com/python/cpython/pull/99421",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/",
"https://pointernull.com/security/python-url-parse-problem.html",
"https://security.netapp.com/advisory/ntap-20230324-0004/",
"https://www.kb.cert.org/vuls/id/127587",
"https://github.com/python/cpython/issues/102153",
"https://github.com/python/cpython/pull/99421",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/",
"https://pointernull.com/security/python-url-parse-problem.html",
"https://security.netapp.com/advisory/ntap-20230324-0004/",
"https://www.kb.cert.org/vuls/id/127587"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-20"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01",
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-27043": {
"id": "CVE-2023-27043",
"references": [
"http://python.org",
"https://github.com/python/cpython/issues/102988",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/",
"https://python-security.readthedocs.io/vuln/email-parseaddr-realname.html",
"https://security.netapp.com/advisory/ntap-20230601-0003/",
"http://python.org",
"https://github.com/python/cpython/issues/102988",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/",
"https://python-security.readthedocs.io/vuln/email-parseaddr-realname.html",
"https://security.netapp.com/advisory/ntap-20230601-0003/"
],
"score": 5.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-20"
},
"CVE-2023-29552": {
"id": "CVE-2023-29552",
"references": [
"https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html",
"https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html",
"https://datatracker.ietf.org/doc/html/rfc2608",
"https://github.com/curesec/slpload",
"https://security.netapp.com/advisory/ntap-20230426-0001/",
"https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp",
"https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks",
"https://www.suse.com/support/kb/doc/?id=000021051"
],
"score": 7.5,
"services": [
"443/sip-proxy"
],
"severity": "high",
"summary": "The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2023-31122": {
"id": "CVE-2023-31122",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/",
"https://security.netapp.com/advisory/ntap-20231027-0011/",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/",
"https://security.netapp.com/advisory/ntap-20231027-0011/"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-125"
},
"CVE-2023-36632": {
"id": "CVE-2023-36632",
"references": [
"https://docs.python.org/3/library/email.html",
"https://docs.python.org/3/library/email.utils.html",
"https://github.com/Daybreak2019/PoC_python3.9_Vul/blob/main/RecursionError-email.utils.parseaddr.py",
"https://github.com/python/cpython/issues/103800",
"https://docs.python.org/3/library/email.html",
"https://docs.python.org/3/library/email.utils.html",
"https://github.com/Daybreak2019/PoC_python3.9_Vul/blob/main/RecursionError-email.utils.parseaddr.py",
"https://github.com/python/cpython/issues/103800"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger \"RecursionError: maximum recursion depth exceeded while calling a Python object\" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or email.parser.Parser class. NOTE: the vendor's perspective is that this is neither a vulnerability nor a bug. The email package is intended to have size limits and to throw an exception when limits are exceeded; they were exceeded by the example demonstration code.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-674"
},
"CVE-2023-40217": {
"id": "CVE-2023-40217",
"references": [
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/",
"https://security.netapp.com/advisory/ntap-20231006-0014/",
"https://www.python.org/dev/security/",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/",
"https://security.netapp.com/advisory/ntap-20231006-0014/",
"https://www.python.org/dev/security/"
],
"score": 5.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as \"not connected\" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2023-43336": {
"id": "CVE-2023-43336",
"references": [
"http://freepbx.com",
"http://sangoma.com",
"https://medium.com/%40janirudransh/security-disclosure-of-vulnerability-cve-2023-23336-4429d416f826",
"http://freepbx.com",
"http://sangoma.com",
"https://medium.com/%40janirudransh/security-disclosure-of-vulnerability-cve-2023-23336-4429d416f826"
],
"score": 8.8,
"services": [
"443/sip-proxy"
],
"severity": "high",
"summary": "Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
},
"CVE-2023-45802": {
"id": "CVE-2023-45802",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/",
"https://security.netapp.com/advisory/ntap-20231027-0011/"
],
"score": 5.9,
"services": [
"9200/http"
],
"severity": "medium",
"summary": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.nnThis was found by the reporter during testing ofxa0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.nnUsers are recommended to upgrade to version 2.4.58, which fixes the issue.n",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2023-46724": {
"id": "CVE-2023-46724",
"references": [
"http://www.squid-cache.org/Versions/v5/SQUID-2023_4.patch",
"http://www.squid-cache.org/Versions/v6/SQUID-2023_4.patch",
"https://github.com/squid-cache/squid/commit/b70f864940225dfe69f9f653f948e787f99c3810",
"https://github.com/squid-cache/squid/security/advisories/GHSA-73m6-jm96-c6r3",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20231208-0001/",
"http://www.squid-cache.org/Versions/v5/SQUID-2023_4.patch",
"http://www.squid-cache.org/Versions/v6/SQUID-2023_4.patch",
"https://github.com/squid-cache/squid/commit/b70f864940225dfe69f9f653f948e787f99c3810",
"https://github.com/squid-cache/squid/security/advisories/GHSA-73m6-jm96-c6r3",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20231208-0001/"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"weakness": "CWE-125"
},
"CVE-2023-46728": {
"id": "CVE-2023-46728",
"references": [
"https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3",
"https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20231214-0006/",
"https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3",
"https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20231214-0006/"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2023-46846": {
"id": "CVE-2023-46846",
"references": [
"https://access.redhat.com/errata/RHSA-2023:6266",
"https://access.redhat.com/errata/RHSA-2023:6267",
"https://access.redhat.com/errata/RHSA-2023:6268",
"https://access.redhat.com/errata/RHSA-2023:6748",
"https://access.redhat.com/errata/RHSA-2023:6801",
"https://access.redhat.com/errata/RHSA-2023:6803",
"https://access.redhat.com/errata/RHSA-2023:6804",
"https://access.redhat.com/errata/RHSA-2023:6810",
"https://access.redhat.com/errata/RHSA-2023:7213",
"https://access.redhat.com/errata/RHSA-2024:11049",
"https://access.redhat.com/security/cve/CVE-2023-46846",
"https://bugzilla.redhat.com/show_bug.cgi?id=2245910",
"https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh",
"https://access.redhat.com/errata/RHSA-2023:6266",
"https://access.redhat.com/errata/RHSA-2023:6267",
"https://access.redhat.com/errata/RHSA-2023:6268",
"https://access.redhat.com/errata/RHSA-2023:6748",
"https://access.redhat.com/errata/RHSA-2023:6801",
"https://access.redhat.com/errata/RHSA-2023:6803",
"https://access.redhat.com/errata/RHSA-2023:6804",
"https://access.redhat.com/errata/RHSA-2023:6810",
"https://access.redhat.com/errata/RHSA-2023:7213",
"https://access.redhat.com/security/cve/CVE-2023-46846",
"https://bugzilla.redhat.com/show_bug.cgi?id=2245910",
"https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00008.html",
"https://security.netapp.com/advisory/ntap-20231130-0002/"
],
"score": 9.3,
"services": [
"27018/http-proxy"
],
"severity": "critical",
"summary": "SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"weakness": "CWE-444"
},
"CVE-2023-46847": {
"id": "CVE-2023-46847",
"references": [
"https://access.redhat.com/errata/RHSA-2023:6266",
"https://access.redhat.com/errata/RHSA-2023:6267",
"https://access.redhat.com/errata/RHSA-2023:6268",
"https://access.redhat.com/errata/RHSA-2023:6748",
"https://access.redhat.com/errata/RHSA-2023:6801",
"https://access.redhat.com/errata/RHSA-2023:6803",
"https://access.redhat.com/errata/RHSA-2023:6804",
"https://access.redhat.com/errata/RHSA-2023:6805",
"https://access.redhat.com/errata/RHSA-2023:6810",
"https://access.redhat.com/errata/RHSA-2023:6882",
"https://access.redhat.com/errata/RHSA-2023:6884",
"https://access.redhat.com/errata/RHSA-2023:7213",
"https://access.redhat.com/errata/RHSA-2023:7576",
"https://access.redhat.com/errata/RHSA-2023:7578",
"https://access.redhat.com/security/cve/CVE-2023-46847",
"https://bugzilla.redhat.com/show_bug.cgi?id=2245916",
"https://github.com/squid-cache/squid/security/advisories/GHSA-phqj-m8gv-cq4g",
"https://access.redhat.com/errata/RHSA-2023:6266",
"https://access.redhat.com/errata/RHSA-2023:6267",
"https://access.redhat.com/errata/RHSA-2023:6268",
"https://access.redhat.com/errata/RHSA-2023:6748",
"https://access.redhat.com/errata/RHSA-2023:6801",
"https://access.redhat.com/errata/RHSA-2023:6803",
"https://access.redhat.com/errata/RHSA-2023:6804",
"https://access.redhat.com/errata/RHSA-2023:6805",
"https://access.redhat.com/errata/RHSA-2023:6810",
"https://access.redhat.com/errata/RHSA-2023:6882",
"https://access.redhat.com/errata/RHSA-2023:6884",
"https://access.redhat.com/errata/RHSA-2023:7213",
"https://access.redhat.com/errata/RHSA-2023:7576",
"https://access.redhat.com/errata/RHSA-2023:7578",
"https://access.redhat.com/security/cve/CVE-2023-46847",
"https://bugzilla.redhat.com/show_bug.cgi?id=2245916",
"https://github.com/squid-cache/squid/security/advisories/GHSA-phqj-m8gv-cq4g",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"https://security.netapp.com/advisory/ntap-20231130-0002/"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"weakness": "CWE-120"
},
"CVE-2023-49285": {
"id": "CVE-2023-49285",
"references": [
"http://www.squid-cache.org/Versions/v5/SQUID-2023_7.patch",
"http://www.squid-cache.org/Versions/v6/SQUID-2023_7.patch",
"https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b",
"https://github.com/squid-cache/squid/commit/deee944f9a12c9fd399ce52f3e2526bb573a9470",
"https://github.com/squid-cache/squid/security/advisories/GHSA-8w9r-p88v-mmx9",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20240119-0004/",
"http://www.squid-cache.org/Versions/v5/SQUID-2023_7.patch",
"http://www.squid-cache.org/Versions/v6/SQUID-2023_7.patch",
"https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b",
"https://github.com/squid-cache/squid/commit/deee944f9a12c9fd399ce52f3e2526bb573a9470",
"https://github.com/squid-cache/squid/security/advisories/GHSA-8w9r-p88v-mmx9",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20240119-0004/"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"weakness": "CWE-126"
},
"CVE-2023-49286": {
"id": "CVE-2023-49286",
"references": [
"http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch",
"https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264",
"https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20240119-0004/",
"http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch",
"https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264",
"https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20240119-0004/"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"weakness": "CWE-253"
},
"CVE-2023-49288": {
"id": "CVE-2023-49288",
"references": [
"https://github.com/squid-cache/squid/security/advisories/GHSA-rj5h-46j6-q2g5",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20240119-0006/",
"https://github.com/squid-cache/squid/security/advisories/GHSA-rj5h-46j6-q2g5",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20240119-0006/"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with \"collapsed_forwarding on\" are vulnerable. Configurations with \"collapsed_forwarding off\" or without a \"collapsed_forwarding\" directive are not vulnerable. This bug is fixed by Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should remove all collapsed_forwarding lines from their squid.conf.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"weakness": "CWE-416"
},
"CVE-2023-50269": {
"id": "CVE-2023-50269",
"references": [
"http://www.squid-cache.org/Versions/v5/SQUID-2023_10.patch",
"http://www.squid-cache.org/Versions/v6/SQUID-2023_10.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-wgq4-4cfg-c4x3",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20240119-0005/",
"http://www.squid-cache.org/Versions/v5/SQUID-2023_10.patch",
"http://www.squid-cache.org/Versions/v6/SQUID-2023_10.patch",
"https://github.com/squid-cache/squid/security/advisories/GHSA-wgq4-4cfg-c4x3",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"https://security.netapp.com/advisory/ntap-20240119-0005/"
],
"score": 8.6,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"weakness": "CWE-674"
},
"CVE-2023-5824": {
"id": "CVE-2023-5824",
"references": [
"https://access.redhat.com/errata/RHSA-2023:7465",
"https://access.redhat.com/errata/RHSA-2023:7668",
"https://access.redhat.com/errata/RHSA-2024:0072",
"https://access.redhat.com/errata/RHSA-2024:0397",
"https://access.redhat.com/errata/RHSA-2024:0771",
"https://access.redhat.com/errata/RHSA-2024:0772",
"https://access.redhat.com/errata/RHSA-2024:0773",
"https://access.redhat.com/errata/RHSA-2024:1153",
"https://access.redhat.com/security/cve/CVE-2023-5824",
"https://bugzilla.redhat.com/show_bug.cgi?id=2245914",
"https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255",
"https://access.redhat.com/errata/RHSA-2023:7465",
"https://access.redhat.com/errata/RHSA-2023:7668",
"https://access.redhat.com/errata/RHSA-2024:0072",
"https://access.redhat.com/errata/RHSA-2024:0397",
"https://access.redhat.com/errata/RHSA-2024:0771",
"https://access.redhat.com/errata/RHSA-2024:0772",
"https://access.redhat.com/errata/RHSA-2024:0773",
"https://access.redhat.com/errata/RHSA-2024:1153",
"https://access.redhat.com/security/cve/CVE-2023-5824",
"https://bugzilla.redhat.com/show_bug.cgi?id=2245914",
"https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255",
"https://security.netapp.com/advisory/ntap-20231130-0003/"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-755"
},
"CVE-2024-27316": {
"id": "CVE-2024-27316",
"references": [
"http://seclists.org/fulldisclosure/2024/Jul/18",
"http://www.openwall.com/lists/oss-security/2024/04/04/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://support.apple.com/kb/HT214119",
"https://www.openwall.com/lists/oss-security/2024/04/03/16"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2024-38474": {
"id": "CVE-2024-38474",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://www.openwall.com/lists/oss-security/2024/07/01/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in\ndirectories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\n\nSome RewriteRules that capture and substitute unsafely will now fail unless rewrite flag \"UnsafeAllow3F\" is specified.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-116"
},
"CVE-2024-38476": {
"id": "CVE-2024-38476",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://www.openwall.com/lists/oss-security/2024/07/01/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 9.8,
"services": [
"9200/http"
],
"severity": "critical",
"summary": "Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-829"
},
"CVE-2024-38477": {
"id": "CVE-2024-38477",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://www.openwall.com/lists/oss-security/2024/07/01/10",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2024-40898": {
"id": "CVE-2024-40898",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2024/07/17/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240808-0006/"
],
"score": 7.5,
"services": [
"9200/http"
],
"severity": "high",
"summary": "SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.\n\nUsers are recommended to upgrade to version 2.4.62 which fixes this issue. ",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-918"
},
"CVE-2024-4577": {
"id": "CVE-2024-4577",
"references": [
"http://www.openwall.com/lists/oss-security/2024/06/07/1",
"https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",
"https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",
"https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",
"https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/",
"https://github.com/11whoami99/CVE-2024-4577",
"https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",
"https://github.com/rapid7/metasploit-framework/pull/19247",
"https://github.com/watchtowrlabs/CVE-2024-4577",
"https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",
"https://isc.sans.edu/diary/30994",
"https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",
"https://security.netapp.com/advisory/ntap-20240621-0008/",
"https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",
"https://www.php.net/ChangeLog-8.php#8.1.29",
"https://www.php.net/ChangeLog-8.php#8.2.20",
"https://www.php.net/ChangeLog-8.php#8.3.8",
"http://www.openwall.com/lists/oss-security/2024/06/07/1",
"https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",
"https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",
"https://blog.talosintelligence.com/new-persistent-attacks-japan/",
"https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",
"https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/",
"https://github.com/11whoami99/CVE-2024-4577",
"https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",
"https://github.com/rapid7/metasploit-framework/pull/19247",
"https://github.com/watchtowrlabs/CVE-2024-4577",
"https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",
"https://isc.sans.edu/diary/30994",
"https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",
"https://security.netapp.com/advisory/ntap-20240621-0008/",
"https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",
"https://www.php.net/ChangeLog-8.php#8.1.29",
"https://www.php.net/ChangeLog-8.php#8.2.20",
"https://www.php.net/ChangeLog-8.php#8.3.8",
"https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577",
"https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577"
],
"score": 9.8,
"services": [
"6379/echo"
],
"severity": "critical",
"summary": "In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \"Best-Fit\" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-78"
},
"CVE-2024-45802": {
"id": "CVE-2024-45802",
"references": [
"https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj",
"https://security.netapp.com/advisory/ntap-20250103-0004/"
],
"score": 7.5,
"services": [
"27018/http-proxy"
],
"severity": "high",
"summary": "Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-20"
},
"CVE-2024-6232": {
"id": "CVE-2024-6232",
"references": [
"https://github.com/python/cpython/commit/34ddb64d088dd7ccc321f6103d23153256caa5d4",
"https://github.com/python/cpython/commit/4eaf4891c12589e3c7bdad5f5b076e4c8392dd06",
"https://github.com/python/cpython/commit/743acbe872485dc18df4d8ab2dc7895187f062c4",
"https://github.com/python/cpython/commit/7d1f50cd92ff7e10a1c15a8f591dde8a6843a64d",
"https://github.com/python/cpython/commit/b4225ca91547aa97ed3aca391614afbb255bc877",
"https://github.com/python/cpython/commit/d449caf8a179e3b954268b3a88eb9170be3c8fbf",
"https://github.com/python/cpython/commit/ed3a49ea734ada357ff4442996fd4ae71d253373",
"https://github.com/python/cpython/issues/121285",
"https://github.com/python/cpython/pull/121286",
"https://mail.python.org/archives/list/[email protected]/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY/",
"http://www.openwall.com/lists/oss-security/2024/09/03/5",
"https://security.netapp.com/advisory/ntap-20241018-0007/"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "There is a MEDIUM severity vulnerability affecting CPython.\n\n\n\n\n\nRegular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-1333"
},
"CVE-2024-7592": {
"id": "CVE-2024-7592",
"references": [
"https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621",
"https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef",
"https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06",
"https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a",
"https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f",
"https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774",
"https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1",
"https://github.com/python/cpython/issues/123067",
"https://github.com/python/cpython/pull/123075",
"https://mail.python.org/archives/list/[email protected]/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/",
"https://security.netapp.com/advisory/ntap-20241018-0006/"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "There is a LOW severity vulnerability affecting CPython, specifically the\n'http.cookies' standard library module.\n\n\nWhen parsing cookies that contained backslashes for quoted characters in\nthe cookie value, the parser would use an algorithm with quadratic\ncomplexity, resulting in excess CPU resources being used while parsing the\nvalue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
}
}
}