CVE-2026-33397 Angular SSR Vulnerable to Protocol-Relative URL Injection via Single Backslash Bypass

The Angular SSR is a server-rise rendering tool for Angular applications. Versions on the 22.x branch prior to 22.0.0-next.2, the 21.x branch prior to 21.2.3, and the 20.x branch prior to 20.3.21 have an Open Redirect vulnerability in @angular/ssr due to an incomplete fix for CVE-2026-27738. Whil...

Ubuntu: Security Advisory (USN-7709-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7709-1: WEBrick vulnerability

It was discovered that WEBrick incorrectly parsed HTTP headers. In configurations where WEBrick is placed behind an HTTP proxy, a remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack...

puma-5.6.4: http request smuggling vulnerabilities

A HTTP request smuggling flaw was found in puma. This issue occurs when using puma behind a proxy. Puma does not validate incoming HTTP requests, as per RFC specification, leading to loss of integrity...

waitress: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

An Inconsistent Interpretation of HTTP Requests HTTP Request Smuggling flaw was found in Waitress when used behind a proxy that does not properly validate the incoming HTTP request. This flaw allows an attacker to smuggle requests via the front-end proxy to Waitress, resulting in a loss of data...