2 matches found
CVE-2026-30964 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-30964
A flaw was found in web-auth/webauthn-lib. The CheckAllowedOrigins function, when configured with allowedorigins, incorrectly processes URL-like values by reducing them to their host component. This behavior ignores scheme and port differences, preventing the enforcement of precise origin policie...