5 matches found
EUVD-2026-31933
The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts e.g., regex patterns and revealing underlying URI parsing logic. Leading to low impact on confidentiality. Integrity and availability are unaffected...
CVE-2025-11143
The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently fr...
USN-5546-2 openjdk-8 vulnerabilities
USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...
OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
The vulnerability of the syntax analysis function for URI identifiers of HTTP-servers of TP-Link TL-R600VPN microprogramming devices allows a perpetrator to cause a service failure.
The vulnerability of the syntax analysis function for URI identifiers of HTTP-servers of TP-Link TL-R600VPN software-based routers exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending a specially...