Lucene search
K

8 matches found

OSV
OSV
added 2025/12/23 7:31 p.m.3 views

GHSA-HM5P-X4RQ-38W4 httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

Summary There may be an SSRF vulnerability in httparty. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. Details When httparty receives a path argument that is an absolute URL, it ignores the baseuri field. As a result, if ...

8.8CVSS6.6AI score0.0026EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/12/23 7:31 p.m.9 views

httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

Summary There may be an SSRF vulnerability in httparty. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. Details When httparty receives a path argument that is an absolute URL, it ignores the baseuri field. As a result, if ...

8.8CVSS6.7AI score0.0026EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linux
added 2022/09/26 3:41 p.m.4 views

Mozilla: Content-Security-Policy base-uri bypass

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...

6.1CVSS7.3AI score0.00877EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/09/26 3:15 p.m.6 views

Mozilla: Content-Security-Policy base-uri bypass

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...

6.1CVSS7.3AI score0.00877EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/09/26 2:59 p.m.5 views

Mozilla: Content-Security-Policy base-uri bypass

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...

6.1CVSS7.3AI score0.00877EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/09/26 2:54 p.m.5 views

Mozilla: Content-Security-Policy base-uri bypass

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...

6.1CVSS7.3AI score0.00877EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/09/26 2:54 p.m.5 views

Mozilla: Content-Security-Policy base-uri bypass

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...

6.1CVSS7.3AI score0.00877EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/09/26 2:7 p.m.6 views

Mozilla: Content-Security-Policy base-uri bypass

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...

6.1CVSS7.3AI score0.00877EPSS
Exploits0References5
Rows per page
Query Builder