2 matches found
GHSA-V3WM-QF9P-C549 Symfony: HtmlSanitizer URL Parser Deny Gates Underinclusive: Percent-Encoded BiDi Marks and Unicode Whitespace Bypass Visual-Spoofing Defense
Description Symfony\Component\HtmlSanitizer\TextSanitizer\UrlSanitizer::parse rejects URLs containing raw Unicode explicit-direction BiDi formatting characters U+202A–U+202E, U+2066–U+2069 as a defense against visual-spoofing of the rendered href. The check covers only the raw UTF-8 forms of thos...
JetBrains IntelliJ IDEA 安全漏洞
JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from Czech company Jetbrains. security vulnerability exists in versions of JetBrains IntelliJ IDEA prior to 2022.1, which stems from an insufficient notification mechanism for using Unicode...