Lucene search
K

25 matches found

RedHat Linux
RedHat Linux
added 2026/05/20 11:23 a.m.7 views

org.keycloak/keycloak-services: Open redirect when using wildcard valid redirect URIs in Keycloak

A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentially leading to the exposure of sensitive information within the domain or facilitating further...

8.1CVSS5.7AI score0.005EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/21 7:11 p.m.6 views

Incorrect Authorization

Overview github.com/oauth2-proxy/oauth2-proxy is a reverse proxy that provides authentication with Google, Github or other providers. Affected versions of this package are vulnerable to Incorrect Authorization in the email domain validation. An attacker can gain unauthorized access by submitting ...

7.6CVSS5.5AI score0.00209EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/21 7:11 p.m.4 views

Incorrect Authorization

Overview github.com/oauth2-proxy/oauth2-proxy/v7 is a reverse proxy that provides authentication with Google, Github or other providers. Affected versions of this package are vulnerable to Incorrect Authorization in the email domain validation. An attacker can gain unauthorized access by submitti...

7.6CVSS5.5AI score0.00209EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.5 views

SUSE CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

6.5CVSS9.2AI score0.05366EPSS
Exploits0References42
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.3 views

SUSE CVE-2021-33503

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP...

7.5CVSS7.4AI score0.03273EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2021/11/09 6:32 p.m.4 views

python-urllib3: ReDoS in the parsing of authority part of URL

A flaw was found in python-urllib3. When provided with a URL containing many @ characters in the authority component, the authority's regular expression exhibits catastrophic backtracking. This flaw causes a denial of service if a URL is passed as a parameter or redirected via an HTTP redirect. T...

7.5CVSS7.3AI score0.03273EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/24 12:50 p.m.4 views

python-urllib3: ReDoS in the parsing of authority part of URL

A flaw was found in python-urllib3. When provided with a URL containing many @ characters in the authority component, the authority's regular expression exhibits catastrophic backtracking. This flaw causes a denial of service if a URL is passed as a parameter or redirected via an HTTP redirect. T...

7.5CVSS7.3AI score0.03273EPSS
Exploits0References5
OSV
OSV
added 2021/07/10 11:3 a.m.4 views

OESA-2021-1260 python-urllib3 security update

Security Fixes: An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to...

7.5CVSS7AI score0.03273EPSS
Exploits0References2
OSV
OSV
added 2021/06/29 11:15 a.m.5 views

AZL-6821 CVE-2021-33503 affecting package python-urllib3 for versions less than 1.25.9-3

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP...

7.5CVSS6.8AI score0.03273EPSS
Exploits0References1
OSV
OSV
added 2021/06/29 11:15 a.m.4 views

UBUNTU-CVE-2021-33503

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP...

7.5CVSS6.8AI score0.03273EPSS
Exploits0References5
PyPA
PyPA
added 2021/06/29 11:15 a.m.6 views

PYSEC-2021-108

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP...

7.5CVSS5.7AI score0.03273EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/06/01 9:19 p.m.3 views

GHSA-Q2Q7-5PP4-W6PG Catastrophic backtracking in URL authority parser when passed URL containing many @ characters

Impact When provided with a URL containing many @ characters in the authority component the authority regular expression exhibits catastrophic backtracking causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect. Patches The issue has been fixed in...

8.7CVSS6.8AI score0.03273EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2020/06/12 10:36 a.m.8 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5CVSS6.8AI score0.05366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/28 3:42 p.m.15 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5CVSS6.8AI score0.05366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/31 7:53 p.m.9 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5CVSS6.8AI score0.05366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/31 7:47 p.m.6 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5CVSS6.8AI score0.05366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/25 9:26 a.m.5 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5CVSS6.8AI score0.05366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/06 9:47 a.m.6 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5CVSS6.8AI score0.05366EPSS
Exploits0References4
OSV
OSV
added 2019/09/06 6:15 p.m.4 views

ALPINE-CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5CVSS6.9AI score0.05366EPSS
Exploits0References1
OSV
OSV
added 2019/09/06 6:15 p.m.1 views

DEBIAN-CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5CVSS7.1AI score0.05366EPSS
Exploits0References1
Rows per page
Query Builder