io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

CVE-2026-1002

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response. Mitigation To mitigate this...

CVE-2021-31641

An unauthenticated XSS vulnerability exists in several IoT devices from CHIYU Technology, including BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC due to a lack of sanitization when the HTTP 404 message is generated...

nscd: Null pointer crashes after notfound response

...

NetScaler HTTP-ECV monitor probe fails and returns "404 Not Found" response code

The HTTP-ECV monitor fails and returns the 404 Not Found response code. For example, a monitor of the HTTP-ECV type was configured to monitor the status of a backend server using the following as the expected response string: "Response is Successful." The status of the related service was marked ...

DEBIAN-CVE-2022-39348

Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and scri...

Eclipse Hawkbit Access Control Error Vulnerability

Eclipse hawkBit is a domain-independent backend framework from the Eclipse Foundation. It is used to roll out software updates to constrained edge devices. Eclipse Hawkbit has a security vulnerability in versions prior to 0.3.0M7 where the http404 not found JSON response body returned by restapi...

Eclipse hawkBit 跨站脚本漏洞

Eclipse hawkBit is a domain-independent backend framework from the Eclipse Foundation. It is used to roll out software updates to constrained edge devices. Eclipse Hawkbit has a security vulnerability in versions prior to 0.3.0M7 where the http404 not found JSON response body returned by restapi...

CVE-2020-14016

An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using either their username or the email address associated with their account. However, the feature returns a notfound message when the provided username or email address does...

Atlassian Jira Information Disclosure Vulnerability (CNVD-2020-52848)

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira versions prior to 8.9.1 that stems from the program's various resources using ...