Lucene search
K

122 matches found

RedhatCVE
RedhatCVE
added 2026/04/03 8:41 p.m.4 views

CVE-2026-34786

A flaw was found in Rack. A remote attacker can exploit this vulnerability by sending a specially crafted request with a URL-encoded static path. This bypasses security-relevant response headers intended for static content, potentially leading to information disclosure or other unintended...

6.5CVSS5.8AI score0.00195EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/02 8:36 p.m.11 views

Rack has Content-Length mismatch in Rack::Files error responses

Summary Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the number of bytes actually sent on the wire. Because Rack::Files reflects the...

6.5CVSS5.8AI score0.00147EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/02 6:44 p.m.2 views

EUVD-2026-18384

Rack:: Static headerrules bypass via URL-encoded paths...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 5:16 p.m.3 views

CVE-2026-34786

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...

5.3CVSS0.00195EPSS
Exploits0References1
OSV
OSV
added 2026/04/02 5:16 p.m.2 views

DEBIAN-CVE-2026-34786

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...

5.3CVSS5.3AI score0.00195EPSS
Exploits0References1
OSV
OSV
added 2026/04/02 5:16 p.m.4 views

UBUNTU-CVE-2026-34786

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...

5.3CVSS5.7AI score0.00195EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/02 4:44 p.m.21 views

CVE-2026-34786 Rack: Rack::Static header_rules bypass via URL-encoded paths

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...

5.3CVSS0.00195EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/02 4:44 p.m.4 views

CVE-2026-34786

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...

5.3CVSS5.7AI score0.00195EPSS
Exploits0References2Affected Software1
RubySec
RubySec
added 2026/04/02 12:0 a.m.8 views

Rack:: Static header_rules bypass via URL-encoded paths

Summary Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a URL-encoded variant of a static path can serve the same file without the headers...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.2 views

PT-2026-29813

Name of the Vulnerable Software and Affected Versions Rack versions prior to 2.2.23, 3.1.21, and 3.2.6 Description Rack’s Rack::Staticapplicable rules component evaluates header rules against the raw URL-encoded PATH INFO, while the file-serving path is decoded. This allows an attacker to bypass...

7.5CVSS5.9AI score0.0043EPSS
Exploits0References54
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.2 views

PT-2026-29919

Summary Rack::Staticapplicable rules evaluates several header rules types against the raw URL-encoded PATH INFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a URL-encoded variant of a static path can serve the same file without the heade...

5.3CVSS5.9AI score0.00195EPSS
Exploits0References4
Huntr
Huntr
added 2026/04/01 12:14 a.m.4 views

Arbitrary File Read via Percent-Encoded Path Traversal in nltk.data.find() / nltk.data.load() - Incomplete Fix of Issue #3504

This report is not public...

7.5CVSS7.1AI score0.0051EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.6 views

CVE-2026-33868

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an unauthenticated Open Redirect vulnerability CWE-601 exists in the /web/ route due to improper handling of URL-encoded path segments. An attacker can craft a specially encode...

6.1CVSS6AI score0.00515EPSS
Exploits0References1
NVD
NVD
added 2026/03/27 8:16 p.m.7 views

CVE-2026-33868

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an unauthenticated Open Redirect vulnerability CWE-601 exists in the /web/ route due to improper handling of URL-encoded path segments. An attacker can craft a specially encode...

6.1CVSS0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/27 7:50 p.m.25 views

CVE-2026-33868 Mastodon has a GET-Based Open Redirect via '/web/%2F<domain>'

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an unauthenticated Open Redirect vulnerability CWE-601 exists in the /web/ route due to improper handling of URL-encoded path segments. An attacker can craft a specially encode...

4.3CVSS0.00515EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/27 7:50 p.m.8 views

EUVD-2026-16783

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an unauthenticated Open Redirect vulnerability CWE-601 exists in the /web/ route due to improper handling of URL-encoded path segments. An attacker can craft a specially encode...

4.3CVSS6AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/19 10:6 p.m.18 views

CVE-2026-32004 OpenClaw < 2026.3.2 - Authentication Bypass via Encoded Path in /api/channels Route

OpenClaw versions prior to 2026.3.2 contain an authentication bypass vulnerability in the /api/channels route classification due to canonicalization depth mismatch between auth-path classification and route-path canonicalization. Attackers can bypass plugin route authentication checks by submitti...

8.3CVSS0.00297EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/19 10:6 p.m.2 views

CVE-2026-32004 OpenClaw < 2026.3.2 - Authentication Bypass via Encoded Path in /api/channels Route

OpenClaw versions prior to 2026.3.2 contain an authentication bypass vulnerability in the /api/channels route classification due to canonicalization depth mismatch between auth-path classification and route-path canonicalization. Attackers can bypass plugin route authentication checks by submitti...

8.3CVSS5.8AI score0.00297EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.10 views

ZITADEL 安全漏洞

ZITADEL is an open-source identity and access management platform developed by ZITADEL in Switzerland. Versions of ZITADEL from 2.68.0 to 3.4.8, as well as version 4.12.2, have security vulnerabilities. These vulnerabilities stem from improper handling of URL-encoded path values by the SCIM API...

7.5CVSS5.8AI score0.00584EPSS
Exploits0References3
OSV
OSV
added 2026/03/10 10:16 p.m.3 views

CVE-2026-28807

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.servestatic function is vulnerable to path traversal because sanitization runs before percent-decoding. The encoded...

8.7CVSS5.9AI score0.01056EPSS
Exploits1References2
Rows per page
Query Builder