Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:37 a.m.9 views

CVE-2023-28628

lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...

6.5CVSS6.5AI score0.00553EPSS
Exploits1References1
Circl
Circl
added 2023/03/28 2:39 a.m.10 views

CVE-2023-28628

creationtimestamp| type| source ---|---|--- 2023-03-28 02:39:19+00:00| seen| https://t.me/cibsecurity/60832...

6.1CVSS6AI score0.00553EPSS
Exploits1References1
NVD
NVD
added 2023/03/27 9:15 p.m.51 views

CVE-2023-28628

lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...

6.1CVSS5.9AI score0.00553EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2023/03/27 9:15 p.m.48 views

CVE-2023-28628

lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...

6.1CVSS6.3AI score0.00553EPSS
Exploits1References4
OSV
OSV
added 2023/03/27 9:15 p.m.6 views

UBUNTU-CVE-2023-28628

lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...

6.1CVSS6.3AI score0.00553EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/03/27 8:20 p.m.10 views

CVE-2023-28628 `authority-regex` returns the wrong authority in lambdaisland/uri

lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...

5.4CVSS6.5AI score0.00553EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/03/27 8:20 p.m.3 views

CVE-2023-28628

lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...

6.1CVSS6.3AI score0.00553EPSS
Exploits1
Cvelist
Cvelist
added 2023/03/27 8:20 p.m.36 views

CVE-2023-28628 `authority-regex` returns the wrong authority in lambdaisland/uri

lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...

5.4CVSS6.3AI score0.00553EPSS
Exploits1References2
CVE
CVE
added 2023/03/27 8:20 p.m.58 views

CVE-2023-28628

CVE-2023-28628 affects lambdaisland/uri (Clojure/ClojureScript) prior to 1.14.120, where authority-regex does not correctly handle backslashes in usernames, causing the library to parse and report an incorrect host (e.g., payload https://[email protected] returns host google.com instead of e...

6.1CVSS5.6AI score0.00553EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder