PT-2022-11384 · Mozilla+1 · Geckodriver
Gabriel Corona
·
Published
2022-05-02
·
Updated
2022-05-11
·
CVE-2021-4138
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
No specific software or versions are mentioned in the provided descriptions.
Description
The issue concerns improved Host header checks. These checks are designed to reject requests that are not sent to a well-known local hostname or IP, or the server-specified hostname. This is a measure to enhance security by ensuring that requests are legitimate and targeted at the correct host.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Geckodriver