72 matches found

Github Security Blog
added 2021/05/18 9:8 p.m. · 53 views

gopkg.in/macaron.v1 Open Redirect vulnerability

macaron before 1.3.7 has an open redirect in the static handler. Due to improper request sanitization, a specifically crafted URL can cause the static file handler to redirect to an attacker-chosen URL, allowing for open redirect attacks...

CVSS 6.1 · AI score 6 · EPSS 0.00159
Exploits: 1 · References: 10 · Affected Software: 1
Tenable Nessus
added 2020/08/07 12:0 a.m. · 51 views

RHEL 7 / 8 : Red Hat OpenShift Service Mesh (RHSA-2020:3369)

The remote Red Hat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3369 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...

CVSS 7.5 · AI score 7.1 · EPSS 0.3466
Exploits: 14 · References: 13
RedHat Linux
added 2020/08/06 8:19 p.m. · 3 views

macaron: open redirect in the static handler

A flaw was found in macaron. Path URLs aren't cleaned before being redirected, creating an open redirect in the static handler...

CVSS 6.1 · AI score 5.7 · EPSS 0.00159
Exploits: 1 · References: 4
RedhatCVE
added 2020/06/23 12:56 p.m. · 24 views

CVE-2020-12666

A flaw was found in macaron. Path URLs aren't cleaned before being redirected, creating an open redirect in the static handler...

CVSS 5.8 · AI score 1.2 · EPSS 0.00159
Exploits: 1 · References: 3
CNVD
added 2020/05/06 12:0 a.m. · 1 views

macaron input validation error vulnerability

macaron is a modular Web framework based on the Go language. An input validation error vulnerability exists in the static handler in versions prior to macaron 1.3.7. The vulnerability stems from a web system or product that does not properly validate input data. No detailed vulnerability details...

CVSS 6.1 · AI score 6.9 · EPSS 0.00159
Exploits: 1 · References: 1
OSV
added 2020/05/05 10:15 p.m. · 21 views

CVE-2020-12666

macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL...

CVSS 6.1 · AI score 6.7
Exploits: 0 · References: 3
NVD
added 2020/05/05 10:15 p.m. · 18 views

CVE-2020-12666

macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL...

CVSS 6.1 · AI score 6.5 · EPSS 0.00159
Exploits: 1 · References: 3
Prion
added 2020/05/05 10:15 p.m. · 14 views

Open redirect

macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL...

CVSS 5.8 · AI score 6.3 · EPSS 0.00159
Exploits: 1 · References: 3 · Affected Software: 2
Cvelist
added 2020/05/05 9:6 p.m. · 19 views

CVE-2020-12666

macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL...

AI score 6.3 · EPSS 0.00159
Exploits: 1 · References: 3
CVE
added 2020/05/05 9:6 p.m. · 184 views

CVE-2020-12666

CVE-2020-12666 is an open redirect in the macaron web framework (gopkg.in/macaron.v1) — specifically in the static handler. The root cause is improper request sanitization, allowing a crafted URL to redirect to an attacker-chosen URL. Remediation documented across sources: upgrade to macaron 1.3....

CVSS 6.1 · AI score 6 · EPSS 0.00159
Exploits: 1 · References: 3 · Affected Software: 1
Positive Technologies
added 2020/05/05 12:0 a.m. · 2 views

PT-2020-13193 · Macaron · Macaron

Name of the Vulnerable Software and Affected Versions: macaron versions prior to 1.3.7
Description: The issue is related to an open redirect in the static handler due to improper request sanitization. This allows a specifically crafted URL to cause the static file handler to redirect to an...

CVSS 6.1 · AI score 5.9 · EPSS 0.00159
Exploits: 1 · References: 15
GitLab Advisory Database
added 2020/05/05 12:0 a.m. · 20 views

URL Redirection to Untrusted Site (Open Redirect)

macaron before has an open redirect in the static handler...

CVSS 6.1 · AI score 0.8 · EPSS 0.00159
Exploits: 1 · References: 1 · Affected Software: 1