33 matches found
CVE-2026-33241
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations formdata method and Extractible macro do not enforce payload size limits before reading request bodies into memory. This allows attackers to cause Out-of-Memory OOM conditions by sending extremely...
CVE-2026-33242
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...
CVE-2026-33242
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...
CVE-2026-33241
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations formdata method and Extractible macro do not enforce payload size limits before reading request bodies into memory. This allows attackers to cause Out-of-Memory OOM conditions by sending extremely...
salvo 安全漏洞
Salvo is a web framework developed by Salvo OpenSource. Versions of Salvo prior to 0.89.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of enforcement of payload size limits in the form data parsing mechanism, which could lead to memory exhaustion and service...
salvo 安全漏洞
Salvo is a web framework developed by Salvo OpenSource. Versions of Salvo from 0.39.0 to 0.89.2 have security vulnerabilities. These vulnerabilities stem from the encodeurlpath function in the salvo-proxy component, which fails to normalize the "../sequence", potentially allowing for path travers...
CVE-2026-33241 Salvo Affected by Denial of Service via Unbounded Memory Allocation in Form Data Parsing
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations formdata method and Extractible macro do not enforce payload size limits before reading request bodies into memory. This allows attackers to cause Out-of-Memory OOM conditions by sending extremely...
CVE-2026-33241 Salvo Affected by Denial of Service via Unbounded Memory Allocation in Form Data Parsing
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations formdata method and Extractible macro do not enforce payload size limits before reading request bodies into memory. This allows attackers to cause Out-of-Memory OOM conditions by sending extremely...
CVE-2026-33241 Salvo Affected by Denial of Service via Unbounded Memory Allocation in Form Data Parsing
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations formdata method and Extractible macro do not enforce payload size limits before reading request bodies into memory. This allows attackers to cause Out-of-Memory OOM conditions by sending extremely...
CVE-2026-33241
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations formdata method and Extractible macro do not enforce payload size limits before reading request bodies into memory. This allows attackers to cause Out-of-Memory OOM conditions by sending extremely...
CVE-2026-33241
CVE-2026-33241 entry is reserved, but connected advisories identify a concrete vulnerability in Salvo: the form data parsing implementations (form_data() and the Extractible macro) do not enforce payload size limits before reading request bodies into memory, enabling Out-of-Memory DoS. Three atta...
CVE-2026-33242 Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...
CVE-2026-33242
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...
CVE-2026-33242
The GitHub advisory GHSA-F842-PHM9-P4V4 describes a path traversal in the salvo-proxy component of the Salvo Rust framework (v0.89.2). The root cause is encode_url_path failing to normalize path segments (not re-encoding '.' and not handling '..' safely), allowing an unauthenticated attacker to p...
CVE-2026-33242 Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...
PT-2026-26303
Name of the Vulnerable Software and Affected Versions Salvo versions 0.39.0 through 0.89.2 Description Salvo, a Rust web framework, contains a Path Traversal and Access Control Bypass issue within its salvo-proxy component. An unauthenticated attacker can bypass proxy routing constraints and acce...
CVE-2026-22256
Salvo is a Rust web backend framework. Prior to version 0.88.1, the function listhtml generate an file view of a folder which include a render of the current path, in which its inserted in the HTML without proper sanitation, this leads to reflected XSS using the fact that request path is decoded...
CVE-2026-22257
Salvo is a Rust web backend framework. Prior to version 0.88.1, the function listhtml generates a file view of a folder without sanitizing the files or folders names, this may potentially lead to XSS in cases where a website allow the access to public files using this feature and anyone can uploa...
GHSA-RJF8-2WCW-F6MP Salvo is vulnerable to reflected XSS in the list_html function
Summary The function listhtml generates an file view of a folder which includes a render of the current path, in which its inserted in the HTML without proper sanitation, leading to reflected XSS. The request path is decoded and normalized in the matching stage but is not inserted raw in the HTML...
GHSA-54M3-5FXR-2F3J Salvo is vulnerable to stored XSS in the list_html function by uploading files with malicious names
Summary The function listhtml generates a file view of a folder without sanitizing the files or folders names, potentially leading to XSS in cases where a website allows access to public files using this feature, allowing anyone to upload a file. Details The vulnerable snippet of code is the...