CVE-2022-43756

HIGH Year: 2022
CVSS v3 Score
7.5
High
Weakness Type
CWE-74
View all →

Vulnerability Description

A Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior versions; wrangler version 0.8.4 and prior versions; wrangler version 1.0.0 and prior versions.

Related Vulnerabilities

CVE-2010-3668

HIGH
CVSS:7.5(High)

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl.

CWE-742010

CVE-2015-3200

HIGH
CVSS:7.5(High)

mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NU...

CWE-742015

CVE-2015-8258

HIGH
CVSS:7.5(High)

AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."

CWE-742015

CVE-2016-7125

HIGH
CVSS:7.5(High)

ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session da...

CWE-742016

CVE-2017-14523

HIGH
CVSS:7.5(High)

WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can only...

CWE-742017