3 matches found
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through improper handling of case-insensitive URL schemes in the FilterDeadline function. An attacker can access arbitrary files within the container by submitting URLs with mixed-case or uppercase schem...
urijs: Authorization Bypass Through User-Controlled Key
A flaw was found in urijs due to the fix of CVE-2021-3647 not considering case-sensitive protocol schemes in the URL. This issue allows attackers to bypass the patch...
urijs: Authorization Bypass Through User-Controlled Key
A flaw was found in urijs due to the fix of CVE-2021-3647 not considering case-sensitive protocol schemes in the URL. This issue allows attackers to bypass the patch...