28 matches found
CVE-2026-21873
NiceGUI is a Python-based UI framework. From versions 2.22.0 to 3.4.1, an unsafe implementation in the pushstate event listener used by ui.subpages allows an attacker to manipulate the fragment identifier of the URL, which they can do despite being cross-site, using an iframe. This issue has been...
EUVD-2018-0557
Malware in sbrugna...
SUSE CVE-2017-14063
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
Long lost @ symbol gets new life obscuring malicious URLs
Threat actors have rediscovered an old and little-used feature of web URLs, the innocuous @ symbol we usually see in email addresses, and started using it to obscure links to their malicious websites. Researchers from Perception Point noticed it being used in a cyberattack against multiple...
istio/istio: HTTP request with fragment in URI can bypass authorization mechanisms
An authorization bypass vulnerability was found in istio/istio. An HTTP request is incorrectly evaluated when a URI fragment is specified. This flaw allows an attacker to bypass an Istio URI-based authorization rule. The highest threat from this vulnerability is to confidentiality, integrity, as...
CVE-2020-7648
All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. package.json...
GHSA-93JQ-624G-4P9P Improper Input Validation in async-http-client
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
Improper Input Validation in async-http-client
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
CVE-2017-14063
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
CVE-2017-14063
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
Design/Logic Flaw
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
CVE-2017-14063
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
CVE-2017-14063
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
CVE-2017-14063
Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...
CVE-2017-14063
CVE-2017-14063 affects Async Http Client (async-http-client) prior to 2.0.35. The underlying issue allows an attacker to cause the client to connect to a host different from the one parsed from java.net.URI when a ? appears in a fragment. This vulnerability is corroborated by CNVD-2017-31118, whi...
UBUNTU-CVE-2016-5283
Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized...
DEBIAN-CVE-2015-3429
Cross-site scripting XSS vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier...
CVE-2015-3429
Cross-site scripting XSS vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier...
UBUNTU-CVE-2015-3429
Cross-site scripting XSS vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier...
CVE-2015-3429
Cross-site scripting XSS vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier...