Burp Suite
by PortSwigger
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-10377 | Med | 0.38 | 5.9 | 0.01 | Jun 17, 2018 | PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data. | ||
| CVE-2022-35406 | 0.00 | — | 0.01 | Jul 8, 2022 | A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect. | |||
| CVE-2021-29416 | 0.00 | — | 0.01 | Mar 29, 2021 | An issue was discovered in PortSwigger Burp Suite before 2021.2. During viewing of a malicious request, it can be manipulated into issuing a request that does not respect its upstream proxy configuration. This could leak NetNTLM hashes on Windows systems that fail to block… |
- risk 0.38cvss 5.9epss 0.01
PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data.
- CVE-2022-35406Jul 8, 2022risk 0.00cvss —epss 0.01
A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect.
- CVE-2021-29416Mar 29, 2021risk 0.00cvss —epss 0.01
An issue was discovered in PortSwigger Burp Suite before 2021.2. During viewing of a malicious request, it can be manipulated into issuing a request that does not respect its upstream proxy configuration. This could leak NetNTLM hashes on Windows systems that fail to block…