215 matches found

RubySec
added 2025/08/29 12:00 a.m. (11 views)

Google Sign-In for Rails allowed redirect to protocol-relative URI

Summary: It is possible to redirect a user to another origin if the "proceed_to" value in the session store is set to a protocol-relative URL. Details: The google_sign_in gem persists an optional URL for redirection after authentication. If this URL is set to a protocol-relative URL, it improperly...

CVSS 4.2, AI score 6.6, EPSS 0.00211
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2025/08/19 7:15 p.m. (6 views)

CVE-2025-55303

Astro is a web framework for content-driven websites. In versions of astro before 5.13.2 and 4.16.18, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. On-demand rendered sites built with Astro include a...

CVSS 6.9, EPSS 0.00599
Exploits: 1, References: 2
CVE
added 2025/08/19 6:08 p.m. (21 views)

CVE-2025-55303

Astro before 5.13.2 and 4.16.18 has an information disclosure vulnerability in the on-demand rendering image optimization endpoint (_image) that can bypass third-party domain restrictions using protocol-relative URLs (e.g., /_image?href=//example.com/image.png). This allows serving images from un...

CVSS 6.9, AI score 7, EPSS 0.00599
In wild, Exploits: 1, References: 2, Affected Software: 1
Cvelist
added 2025/08/19 6:08 p.m. (9 views)

CVE-2025-55303 Unauthorized third-party images in Astro's _image endpoint

Astro is a web framework for content-driven websites. In versions of astro before 5.13.2 and 4.16.18, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. On-demand rendered sites built with Astro include a...

CVSS 6.9, EPSS 0.00599
Exploits: 1, References: 2
Vulnrichment
added 2025/08/19 6:08 p.m. (3 views)

CVE-2025-55303 Unauthorized third-party images in Astro's _image endpoint

Astro is a web framework for content-driven websites. In versions of astro before 5.13.2 and 4.16.18, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. On-demand rendered sites built with Astro include a...

CVSS 6.9, AI score 7, EPSS 0.00599
Exploits: 1, References: 2
OSV
added 2025/08/19 6:08 p.m. (6 views)

CVE-2025-55303 Unauthorized third-party images in Astro's _image endpoint

Astro is a web framework for content-driven websites. In versions of astro before 5.13.2 and 4.16.18, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. On-demand rendered sites built with Astro include a...

CVSS 6.9, AI score 6.4, EPSS 0.00599
Exploits: 1, References: 4
Github Security Blog
added 2025/08/19 3:40 p.m. (11 views)

Astro allows unauthorized third-party images in _image endpoint

Summary: In affected versions of astro, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. Details: On-demand rendered sites built with Astro include an /_image endpoint which returns optimized versions of...

CVSS 6.9, AI score 6.1, EPSS 0.00599
Exploits: 1, References: 4, Affected Software: 2
OSV
added 2025/08/19 3:40 p.m. (2 views)

GHSA-XF8X-J4P2-F749 Astro allows unauthorized third-party images in _image endpoint

Summary: In affected versions of astro, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. Details: On-demand rendered sites built with Astro include an /_image endpoint which returns optimized versions of...

CVSS 6.4, AI score 5.8, EPSS 0.00599
Exploits: 1, References: 4
Positive Technologies
added 2025/08/19 12:00 a.m. (6 views)

PT-2025-33828

Name of the Vulnerable Software and Affected Versions: Astro versions prior to 5.13.2; Astro versions prior to 4.16.18. Description: Astro is a web framework for content-driven websites. The image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized...

CVSS 6.9, AI score 5.3, EPSS 0.00599
Exploits: 1, References: 10
Snyk
added 2025/08/07 4:41 p.m. (3 views)

Open Redirect

Overview: @astrojs/internal-helpers provides internal helpers used by core Astro packages. Affected versions of this package are vulnerable to Open Redirect via the trailing slash redirection logic when handling URLs with double slashes in the path. An attacker can redirect users to arbitrary external...

CVSS 6.9, AI score 7, EPSS 0.00572
Exploits: 0, References: 2
RedHat Linux
added 2025/06/26 12:12 p.m. (2 views)

webob: WebOb's location header normalization during redirect leads to open redirect

A vulnerability was found in the WebOb package. WebOb normalizes the HTTP Location header using urlparse and urljoin. If the URL starts with //, urlparse treats the following part as the hostname, and replaces the original request's hostname. This issue, combined with user interaction, may become...

CVSS 6.1, AI score 5.7, EPSS 0.00497
Exploits: 1, References: 7
Hacker One
added 2025/06/03 10:50 a.m. (10 views)

Mozilla: Bypass "No Links" Restriction in Biography via Protocol-Relative URL (//)

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks using protocol-relative URLs (//evil.com). This violation of the declared application policy was achieve...

AI score 7
Exploits: 0
RedhatCVE
added 2025/05/22 6:56 p.m. (7 views)

CVE-2021-46898

views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prevent external redirection with startswith("/") but this does not consider a protocol-relative URL (e.g., //example.com) attack...

CVSS 6.1, AI score 6.6, EPSS 0.0047
Exploits: 1
IBM Security Bulletins
added 2025/05/08 2:44 p.m. (12 views)

Security Bulletin: The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios, affects watsonx.data

Summary: axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This...

CVSS 8.7, AI score 6.7, EPSS 0.00759
Exploits: 1, Affected Software: 1
OSV
added 2025/01/14 9:16 p.m. (5 views)

CLSA-2025-1736889411 Fix CVE(s): CVE-2023-41080

SECURITY UPDATE: Security vulnerability in URL redirection - debian/patches/CVE-2023-41080.patch: Avoid protocol relative redirects in FORM authentication - CVE-2023-41080...

CVSS 6.1, AI score 6.8, EPSS 0.05972
Exploits: 0, References: 1
OSV
added 2024/12/25 9:39 a.m. (3 views)

CLSA-2024-1735119580 Fix CVE(s): CVE-2023-41080

SECURITY UPDATE: Untrusted Site Redirection Vulnerability in FORM authentication feature - debian/patches/CVE-2023-41080.patch: Avoid protocol relative redirects in FORM authentication - CVE-2023-41080...

CVSS 6.1, AI score 6.8, EPSS 0.05972
Exploits: 0, References: 1
IBM Security Bulletins
added 2024/09/25 5:58 p.m. (30 views)

Security Bulletin: Vulnerability in Axios affects IBM watsonx.data

Summary: Axios is vulnerable to server-side request forgery, caused by a flaw where requests for path-relative URLs get processed as protocol-relative URLs. By sending a specially crafted request, an attacker could exploit this vulnerability to conduct an SSRF attack. This can affect watsonx.data...

CVSS 7.5, AI score 7.4, EPSS 0.01414
Exploits: 1, Affected Software: 1
SUSE CVE
added 2024/08/20 2:20 a.m. (2 views)

SUSE CVE-2024-39338

axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs...

CVSS 7.4, AI score 9.6, EPSS 0.01414
Exploits: 1, References: 4
RedhatCVE
added 2024/08/16 12:58 a.m. (28 views)

CVE-2024-39338

A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery (SSRF) attack caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server...

CVSS 7.5, AI score 7.3, EPSS 0.01414
Exploits: 1, References: 5
OSV
added 2024/08/12 3:30 p.m. (10 views)

GHSA-8HC4-VH64-CXMJ Server-Side Request Forgery in axios

axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs...

CVSS 7.5, AI score 6.8, EPSS 0.01414
Exploits: 1, References: 9