
5 matches found

OSV
added 2023/12/22 3:15 a.m. | 2 views

DEBIAN-CVE-2023-51713

makeftpcmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...

7.5 CVSS | 7.3 AI score | 0.04249 EPSS
Exploits: 1 | References: 1

OSV
added 2023/12/22 3:15 a.m. | 1 views

UBUNTU-CVE-2023-51713

makeftpcmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...

7.5 CVSS | 7.1 AI score | 0.04249 EPSS
Exploits: 1 | References: 5

Huntr
added 2021/07/08 8:1 a.m. | 23 views

Open Redirect in tjenkinson/url-toolkit

✍️ Description url-toolkit mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while url-toolkit sees it as a relative path. Which will lead to SSRF attacks, open redirects,...

0.1 AI score | 0.02483 EPSS
Exploits: 2

NVD
added 2021/02/22 12:15 a.m. | 25 views

CVE-2021-27515

url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path...

5.3 CVSS | 0.01964 EPSS
Exploits: 1 | References: 5

CVE
added 2021/02/21 12:0 a.m. | 131 views

CVE-2021-27515

CVE-2021-27515 affects the url-parse library (before 1.5.0), where backslash sequences in the protocol (e.g., http:/ or http:) can cause the parser to treat the URI as a relative path. Public advisories (Debian/Ubuntu) list this alongside other url-parse issues and indicate fixes via package upgr...

5.3 CVSS | 5.4 AI score | 0.01964 EPSS
Exploits: 1 | References: 5 | Affected Software: 1