CVE-2024-6866

corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the trymatch function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...

Flask-CORS 安全漏洞

Flask-CORS is a cross-origin resource sharing component for Flask by the individual developer Cory Dolphin. A security vulnerability exists in Flask-CORS version 4.01, which stems from a case-insensitive request path matching that could lead to unauthorized cross-domain access...

DEBIAN-CVE-2021-22924

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...

Debian DSA-1645-1 : lighttpd - various

Several local/remote vulnerabilities have been discovered in lighttpd, a fast webserver with minimal memory footprint. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-4298 A memory leak in the httprequestparse function could be used by remote...

[SECURITY] [DSA-1645-1] New lighttpd packages fix various problems

------------------------------------------------------------------------ Debian Security Advisory DSA-1645-1 [email protected] http://www.debian.org/security/ Steve Kemp October 06, 2008 http://www.debian.org/security/faq -...

DSA-1645-1 lighttpd - various problems

Bulletin has no description...

[SECURITY] [DSA-1645-1] New lighttpd packages fix various problems

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1645-1 [email protected] http://www.debian.org/security/ Steve Kemp October 06, 2008 http://www.debian.org/security/faq -...