5 matches found
CVE-2026-9800 Keycloak-policy-enforcer: keycloak policy enforcer: authorization bypass via incorrect uri comparison
A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access UMA permission checks. By including the configured access-denied page path within a request URL, either as a path...
Hono 安全漏洞
Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.21 contained security vulnerabilities. These vulnerabilities stemmed from the ip-restriction middleware using string equality comparisons when comparing IP addresses after some normalization,...
PT-2025-37957
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw was discovered in the Linux kernel related to the initialization of fields within the sctp v6 from sk function in the SCTP Stream Control Transmission Protocol implementation...
The vulnerability of the software package for comparing URL addresses, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.
The vulnerability of the URL-regex comparison software package is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
CVE-2002-0714
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses...