58 matches found
PT-2022-25414 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 2.3.0 through 2.3.4 Description: The issue concerns a part of a URL that was unnecessarily formatted, allowing for possible information extraction. Recommendations: For Apache Airflow versions 2.3.0 through 2.3.4, upda...
CVE-2022-32190
JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath"https://go.dev", "../go" returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are removed from the result...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 103.0.5060.134, which stemmed from an improperly implemented vulnerability in URL formatting...
UBUNTU-CVE-2022-2165
Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...
CVE-2022-2165
CVE-2022-2165 — Summary : The connected sources confirm a vulnerability in Google Chrome (desktop) stemming from insufficient data validation in URL formatting, enabling domain spoofing via IDN homographs with a crafted domain name. The issue affects Chrome up to version 103.0.5060.53 and is addr...
PT-2023-4307 · Google +1 · Google Chrome +1
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 103.0.5060.134 Description: The issue is related to an inappropriate implementation in URL formatting, which can be exploited by a remote attacker to perform domain spoofing via a crafted HTML page. This can be...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10035-1 Rating: important References: 1200783 Cross-References: CVE-2022-2156 CVE-2022-2157 CVE-2022-2158 CVE-2022-2160 CVE-2022-2161 CVE-2022-2162 CVE-2022-2163 CVE-2022-2164 CVE-2022-2165 Affected Products:...
Mageia: Security Advisory (MGASA-2022-0241)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Chromium: CVE-2022-2165 Insufficient data validation in URL formatting
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Scarce-Apache2 - A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public
This tool can scan websites with CVE-2021-41773 Vulnerability that are affecting Apache2 Webserver, ScaRCE can run too for executing Remote Command Injections at the webservers that found from the scanning method Only if the MODCGI is Enabled at the targeted webserver. This tool works with the...
Debian DSA-4886-1 : chromium - security update
Several vulnerabilites have been discovered in the chromium web browser. - CVE-2021-21159 Khalil Zhani discovered a buffer overflow issue in the tab implementation. - CVE-2021-21160 Marcin Noga discovered a buffer overflow issue in WebAudio. - CVE-2021-21161 Khalil Zhani discovered a buffer...
CVE-2021-21187
CVE-2021-21187 is a Chromium/Google Chrome URL formatting vulnerability caused by insufficient data validation in the URL formatting code. It allows a remote attacker to perform domain spoofing via IDN homographs when a crafted domain name is used, with impact described as spoofing and potential ...
KLA12107 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An...
Google Chrome URL Formatting Security Bypass Vulnerability
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome URL formatting. An attacker can exploit this vulnerability to bypass security restrictions...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome URL formatting. An attacker can exploit this vulnerability to bypass security restrictions...
KLA12106 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A heap buff...
RHEL 6 : chromium-browser (RHSA-2020:2544)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2544 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 83.0.4103.97. Security Fixes:...
CVE-2020-6481
Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name...
Design/Logic Flaw
Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name...
Input validation
Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name...