4 matches found
Path Equivalence
Overview Affected versions of this package are vulnerable to Path Equivalence in the pathWithoutMatrixParams of AbstractPathMatchingHttpSecurityPolicy via specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes in the request path. An attacker can gain unauthorized...
Security Bulletin: Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to a Path Equivalence: 'file.name' (Internal Dot) vulnerability (CVE-2025-24813).
Summary Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to a Path Equivalence: 'file.name' Internal Dot vulnerability CVE-2025-24813. Apache Tomcat has been updated within IBM ApplinX in order to address the vulnerability. Vulnerability Details CVEID:CVE-2025-24813 DESCRIPTION: Path...
EUVD-2025-3724
Malicious code in bioql PyPI...
CLSA-2025-1755272015 tomcat: Fix of CVE-2025-24813
CVE-2025-24813: fix path equivalence vulnerability leading to remote code execution and information disclosure...