Lucene search
K

215 matches found

OSV
OSV
added 2026/03/23 9:48 p.m.4 views

GHSA-FP4X-GGRF-WMC6 H3 has an Open Redirect via Protocol-Relative Path in redirectBack() Referer Validation

Summary The redirectBack utility in h3 validates that the Referer header shares the same origin as the request before using its pathname as the redirect Location. However, the pathname is not sanitized for protocol-relative paths starting with //. An attacker can craft a same-origin URL with a...

5.4CVSS6AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/23 9:48 p.m.8 views

H3 has an Open Redirect via Protocol-Relative Path in redirectBack() Referer Validation

Summary The redirectBack utility in h3 validates that the Referer header shares the same origin as the request before using its pathname as the redirect Location. However, the pathname is not sanitized for protocol-relative paths starting with //. An attacker can craft a same-origin URL with a...

6AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/19 9:22 p.m.4 views

GHSA-VFX2-HV2G-XJ5F Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR

An Open Redirect vulnerability exists in @angular/ssr due to an incomplete fix for CVE-2026-27738. While the original fix successfully blocked multiple leading slashes e.g., ///, the internal validation logic fails to account for a single backslash \ bypass. When an Angular SSR application is...

6.9CVSS5.7AI score0.00255EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/11 12:26 a.m.9 views

CraftCMS vulnerable to reflective XSS via incomplete return URL sanitization

Summary The fix for CVE-2025-35939 in craftcms/cms introduced a striptags call in src/web/User.php to sanitize return URLs before they are stored in the session. However, striptags only removes HTML tags angle brackets -- it does not inspect or filter URL schemes. Payloads like...

6.9CVSS5.9AI score0.01119EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2026/03/06 7:24 a.m.7 views

Open Redirect

miniflux.app/v2 is vulnerable to Open Redirect. The vulnerability is due to improper validation of the redirecturl parameter where protocol-relative URLs bypass the url.Parse....IsAbs check, which allows an attacker to redirect users to attacker-controlled websites after login...

6.1CVSS5.8AI score0.00183EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/02/25 10:41 p.m.8 views

Angular SSR has an Open Redirect via X-Forwarded-Prefix

An Open Redirect vulnerability exists in the internal URL processing logic in Angular SSR. The logic normalizes URL segments by stripping leading slashes; however, it only removes a single leading slash. When an Angular SSR application is deployed behind a proxy that passes the X-Forwarded-Prefix...

6.9CVSS5.6AI score0.00302EPSS
Exploits0References6Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2026/02/12 12:0 a.m.10 views

VulnCheck KEV: CVE-2025-55303

Astro is a web framework for content-driven websites. In versions of astro before 5.13.2 and 4.16.18, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. On-demand rendered sites built with Astro include a...

6.9CVSS5.8AI score0.00599EPSS
In wildExploits1References2
RedhatCVE
RedhatCVE
added 2026/02/10 3:9 a.m.8 views

CVE-2026-25765

A flaw was found in Faraday, an HTTP client library. The buildexclusiveurl method, which combines a base URL with a user-supplied path, incorrectly processes protocol-relative URLs e.g., //evil.com/path. This allows a remote attacker to supply a specially crafted URL, leading to Server-Side Reque...

5.8CVSS5.4AI score0.00351EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-25765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in...

5.8CVSS5.6AI score0.00351EPSS
Exploits0References3
OSV
OSV
added 2026/02/09 9:15 p.m.6 views

AZL-77639 CVE-2026-25765 affecting package rubygem-faraday 2.5.2-1

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

5.8CVSS5.9AI score0.00351EPSS
Exploits0References1
OSV
OSV
added 2026/02/09 9:15 p.m.3 views

DEBIAN-CVE-2026-25765

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

5.8CVSS5.6AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2026/02/09 9:15 p.m.8 views

CVE-2026-25765

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

5.8CVSS0.00351EPSS
Exploits0References3
OSV
OSV
added 2026/02/09 9:15 p.m.7 views

AZL-77631 CVE-2026-25765 affecting package rubygem-faraday 2.7.10-1

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

5.8CVSS5.9AI score0.00351EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/02/09 9:15 p.m.6 views

CVE-2026-25765

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

5.8CVSS7.3AI score0.00351EPSS
Exploits0References4
OSV
OSV
added 2026/02/09 9:15 p.m.5 views

UBUNTU-CVE-2026-25765

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

5.8CVSS7.4AI score0.00351EPSS
Exploits0References5
OSV
OSV
added 2026/02/09 8:37 p.m.5 views

GHSA-33MH-2634-FWR2 Faraday affected by SSRF via protocol-relative URL host override in build_exclusive_url

Impact Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986, protocol-relative URLs e.g. //evil.com/path are treated as network-path references that override the base URL's host/authority...

5.8CVSS5.8AI score0.00351EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/02/09 8:37 p.m.13 views

Faraday affected by SSRF via protocol-relative URL host override in build_exclusive_url

Impact Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986, protocol-relative URLs e.g. //evil.com/path are treated as network-path references that override the base URL's host/authority...

5.8CVSS5.7AI score0.00351EPSS
Exploits0References10Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/09 8:30 p.m.5 views

CVE-2026-25765 Faraday affected by SSRF via protocol-relative URL host override in build_exclusive_url

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

5.8CVSS5.8AI score0.00351EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/09 8:30 p.m.5 views

CVE-2026-25765

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a user-supplied path. Per RFC 3986,...

5.8CVSS5.8AI score0.00351EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/02/09 8:30 p.m.37 views

CVE-2026-25765

CVE-2026-25765 affects Faraday (an HTTP client abstraction). The vulnerability arises in build_exclusive_url (lib/faraday/connection.rb) which uses URI#merge; protocol-relative URLs (e.g., //evil.com/…) override the base URL’s host, enabling potential SSRF if user-controlled input is passed to ge...

5.8CVSS5.8AI score0.00351EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder