Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 10:51 p.m.6 views

CVE-2026-33732

srvx is a universal server based on web standards. Prior to version 0.11.13, a pathname parsing discrepancy in srvx's FastURL allows middleware bypass on the Node.js adapter when a raw HTTP request uses an absolute URI with a non-standard scheme e.g. file://. Starting in version 0.11.13, the...

4.8CVSS5.9AI score0.00246EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/03/26 6:32 p.m.8 views

@aero-js/config (>=0.3.3 <=0.3.5), @aero-js/core (>=0.3.3 <=0.3.5) +58 more potentially affected by CVE-2026-33131 +1 more via srvx (>=0.10.1 <=0.11.12)

srvx NPM version =0.10.1, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.1.0, =0.1.0, =2.4.0-alpha.2, =2.4.0-alpha.2, =0.1.2, =0.0.1-alpha.0, =0.7.14, =0.2.0, =3.32.0, =3.33.0 and more Source cves: CVE-2026-33131, CVE-2026-33732 Source advisory: SNYK:JS-SRVX-15790571...

9.1CVSS5.7AI score0.00388EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/26 5:21 p.m.4 views

CVE-2026-33732

srvx is a universal server based on web standards. Prior to version 0.11.13, a pathname parsing discrepancy in srvx's FastURL allows middleware bypass on the Node.js adapter when a raw HTTP request uses an absolute URI with a non-standard scheme e.g. file://. Starting in version 0.11.13, the...

4.8CVSS5.8AI score0.00246EPSS
Exploits0References4Affected Software1
vulnersOsv
vulnersOsv
added 2026/03/26 4:52 p.m.7 views

@aero-js/config (>=0.3.3 <=0.3.5), @aero-js/core (>=0.3.3 <=0.3.5) +58 more potentially affected by CVE-2026-33732 via srvx (>=0.10.1 <=0.11.12)

srvx NPM version =0.10.1, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.1.0, =0.1.0, =2.4.0-alpha.2, =2.4.0-alpha.2, =0.1.2, =0.0.1-alpha.0, =0.7.14, =0.2.0, =3.32.0, =3.33.0 and more Source cves: CVE-2026-33732 Source advisory: OSV:GHSA-P36Q-Q72M-GCHR...

6.5CVSS5.7AI score0.00246EPSS
Exploits0
Rows per page
Query Builder