548 matches found
CLSA-2026-1778839424 gnutls: Fix of CVE-2026-3833
CVE-2026-3833: fix excludedSubtrees/permittedSubtrees bypass by performing case-insensitive comparison of dNSName and rfc822Name domain labels in X.509 nameConstraints processing...
CLSA-2026-1778835563 gnutls: Fix of CVE-2026-3833
CVE-2026-3833: fix excludedSubtrees/permittedSubtrees bypass by performing case-insensitive comparison of dNSName and rfc822Name domain labels in X.509 nameConstraints processing...
CLSA-2026-1778832314 Fix CVE(s): CVE-2026-3833
SECURITY UPDATE: Certificate policy bypass via case-sensitive nameConstraints - debian/patches/CVE-2026-3833.patch: replace memcmp with cstrncasecmp in endswith, emailendswith, dnsnamematches and emailmatches in lib/x509/nameconstraints.c so DNS labels and email domains are compared...
CLSA-2026-1778662564 cups: Fix of CVE-2026-27447
CVE-2026-27447: fix authorization bypass via case-insensitive username comparison in scheduler...
Unity Linux 20.1060e / 20.1070e Security Update: git (UTSA-2026-017630)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017630 advisory. Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files...
CVE-2026-41591 Marko: XSS via case-insensitive script/style closing tag bypass in runtime HTML escaping
Marko is a declarative, HTML-based language for building web apps. Prior to marko version 5.38.36 and prior to @marko/runtime-tags 6.0.164, when dynamic text is interpolated into a or tag the Marko runtime failed to prevent tag breakout when the closing tag used non-lowercase casing. An attacker...
CVE-2026-41591 Marko: XSS via case-insensitive script/style closing tag bypass in runtime HTML escaping
Marko is a declarative, HTML-based language for building web apps. Prior to marko version 5.38.36 and prior to @marko/runtime-tags 6.0.164, when dynamic text is interpolated into a or tag the Marko runtime failed to prevent tag breakout when the closing tag used non-lowercase casing. An attacker...
CLSA-2026-1778142413 cups: Fix of CVE-2026-27447
CVE-2026-27447: fix authorization bypass via case-insensitive username comparison in scheduler...
EUVD-2026-28508
Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall handles URL-encoded slashes %2F in a case-sensitive manner, while percent-encoding is defined to be case-insensitive. As a result, the lowercase equivalent %2f is not recognized...
CLSA-2026-1778141904 cups: Fix of CVE-2026-27447
CVE-2026-27447: fix authorization bypass via case-insensitive username comparison in scheduler...
CVE-2026-40280 Gotenberg SSRF via case-insensitive URL scheme bypass in webhook and downloadFrom deny-lists
Gotenberg is an API-based document conversion tool. In versions 8.30.1 and earlier, the default private-IP deny-lists for the --webhook-deny-list and --api-download-from-deny-list flags use a case-sensitive regular expression ^https?:// to match URL schemes. Because Go's net/url.Parse normalizes...
Improper Access Control
Caddy is vulnerable to Improper Access Control. The vulnerability is due to incorrect case-insensitive matching in the HTTP path request matcher when percent-encoded sequences are present, allowing attackers to alter request path casing and bypass path-based routing or attached access controls...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the RWStlReader::ReadAscii process when buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before being used in strncasecmp or accessed directly. An attacker can cause denial of...
Gotenberg has case-insensitive URL scheme that bypasses webhook and downloadFrom deny-list SSRF protection
Vulnerability Details CWE: CWE-918 - Server-Side Request Forgery SSRF The default private-IP deny-lists for --webhook-deny-list and --api-download-from-deny-list use a case-sensitive regex ^https?://. Any uppercase URL scheme variant HTTP://, HTTPS://, Http:// bypasses the pattern. Go's...
GHSA-5Q7P-7JGV-WW56 Gotenberg has case-insensitive URL scheme that bypasses webhook and downloadFrom deny-list SSRF protection
Vulnerability Details CWE: CWE-918 - Server-Side Request Forgery SSRF The default private-IP deny-lists for --webhook-deny-list and --api-download-from-deny-list use a case-sensitive regex ^https?://. Any uppercase URL scheme variant HTTP://, HTTPS://, Http:// bypasses the pattern. Go's...
Improper Access Control
Caddy is vulnerable to Improper Access Control. The vulnerability is due to incorrect case-insensitive matching in the HTTP host request matcher when large host lists are configured, allowing attackers to modify the casing of the Host header and bypass host-based routing or associated access...
EUVD-2026-25791
The fix for CVE-2025-27636 added setLowerCasetrue to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCasetrue call was not applied to five non-HTTP HeaderFilterStrategy...
PT-2026-35370
Name of the Vulnerable Software and Affected Versions Apache Camel versions 3.0.0 through 4.14.5 Apache Camel versions 4.15.0 through 4.18.1 Apache Camel versions 4.19.0 through 4.19.x Description Certain non-HTTP HeaderFilterStrategy implementations, specifically JmsHeaderFilterStrategy and...
GHSA-72H4-MXFC-JX37 Heimdall: Case-sensitive host matching may lead to policy bypass
Summary Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host that differs only in letter casing, potentially causing the request to be classified differently than...
PT-2026-37187
Name of the Vulnerable Software and Affected Versions Heimdall versions prior to 0.17.14 Description Heimdall performs host matching in a case-sensitive manner, which conflicts with the case-insensitive nature of HTTP hostnames. This discrepancy allows a request host that differs only in letter...