Lucene search
K

460 matches found

Veracode
Veracode
added 2026/05/04 9:5 p.m.15 views

Remote Code Execution (RCE)

Apache Camel is vulnerable to Remote Code Execution. The vulnerability is due to inconsistent case-sensitive header filtering in non-HTTP HeaderFilterStrategy implementations, which allows an attacker to inject malicious headers that are later interpreted by downstream components to execute...

9.9CVSS6.2AI score0.0086EPSS
Exploits1References9Affected Software4
Vulnrichment
Vulnrichment
added 2026/04/30 5:37 p.m.19 views

CVE-2026-3833 Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

6.5CVSS5.3AI score0.00566EPSS
Exploits1References15
OSV
OSV
added 2026/04/30 5:37 p.m.1 views

CVE-2026-3833 Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

6.5CVSS5.9AI score0.00566EPSS
Exploits1References20
Snyk
Snyk
added 2026/04/30 5:26 p.m.5 views

Improper Handling of Case Sensitivity

Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the enforcement of X.509 nameConstraints due to case-sensitive comparisons for dNSName and the domain portion of rfc822Name. An attacker can gain unauthorized certificate validation and potential...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/27 10:15 a.m.6 views

Improper Handling of Case Sensitivity

Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to a flaw in the default filtering mechanism HeaderFilterStrategy that only blocks headers starting with specific prefixes. An attacker can execute arbitrary code and write files by injecting...

9.9CVSS6.2AI score0.0086EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/27 10:15 a.m.4 views

Improper Handling of Case Sensitivity

Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to a flaw in the default filtering mechanism HeaderFilterStrategy that only blocks headers starting with specific prefixes. An attacker can execute arbitrary code and write files by injecting...

9.9CVSS6.2AI score0.0086EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/27 10:15 a.m.6 views

Improper Handling of Case Sensitivity

Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to a flaw in the default filtering mechanism HeaderFilterStrategy that only blocks headers starting with specific prefixes. An attacker can execute arbitrary code and write files by injecting...

9.9CVSS6.2AI score0.0086EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/27 10:15 a.m.6 views

Improper Handling of Case Sensitivity

Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to a flaw in the default filtering mechanism HeaderFilterStrategy that only blocks headers starting with specific prefixes. An attacker can execute arbitrary code and write files by injecting...

9.9CVSS6.2AI score0.0086EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/27 8:23 a.m.6 views

CVE-2026-40453 Apache Camel JMS, Apache Camel CoAP, Apache Camel Google PubSub: Incomplete fix for CVE-2025-27636 in non-HTTP HeaderFilterStrategies (camel-jms, camel-sjms, camel-coap, camel-google-pubsub) allows case-variant header injection

The fix for CVE-2025-27636 added setLowerCasetrue to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCasetrue call was not applied to five non-HTTP HeaderFilterStrategy...

6.5AI score0.0086EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/25 11:30 p.m.4 views

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict due to case-sensitive handling of the host matching process. An attacker can bypass access control policies by sending requests with hostnames that differ only in letter casing, potentially gaining unauthorized...

9.1CVSS5.8AI score0.00301EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/25 11:30 p.m.18 views

Heimdall: Case-sensitive host matching may lead to policy bypass

Summary Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host that differs only in letter casing, potentially causing the request to be classified differently than...

7.8CVSS5.4AI score0.00301EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/04/25 11:29 p.m.5 views

GHSA-43JV-5J4X-QV67 Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation

Summary Heimdall handles URL-encoded slashes %2F in a case-sensitive manner, while percent-encoding is defined to be case-insensitive. As a result, the lowercase equivalent %2f is not recognized and therefore not processed as expected when allowencodedslashes is set to off the default setting. Th...

7.8CVSS5.8AI score0.00396EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/25 11:29 p.m.11 views

Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation

Summary Heimdall handles URL-encoded slashes %2F in a case-sensitive manner, while percent-encoding is defined to be case-insensitive. As a result, the lowercase equivalent %2f is not recognized and therefore not processed as expected when allowencodedslashes is set to off the default setting. Th...

7.8CVSS5.3AI score0.00396EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.13 views

PT-2026-37187

Name of the Vulnerable Software and Affected Versions Heimdall versions prior to 0.17.14 Description Heimdall performs host matching in a case-sensitive manner, which conflicts with the case-insensitive nature of HTTP hostnames. This discrepancy allows a request host that differs only in letter...

7.8CVSS5.8AI score0.00301EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2026/04/22 7:55 p.m.16 views

Marko: XSS via case-insensitive script/style closing tag bypass in runtime HTML escaping

Summary When dynamic text is interpolated into a or tag the Marko runtime failed to prevent tag breakout when the closing tag used non-lowercase casing. An attacker able to place input inside a or block could break out of the tag with , , etc. and inject arbitrary HTML/JavaScript, resulting in...

6.4CVSS5.8AI score0.00195EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2026/04/14 1:10 p.m.5 views

JLSEC-2026-115 Deno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypass

Summary A prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and therefore can be bypassed when the extension uses alternate casing for...

8.1CVSS6AI score0.00619EPSS
Exploits1References4
OSV
OSV
added 2026/04/13 5:43 a.m.9 views

BIT-GOLANG-2026-33810 Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

8.8CVSS5.8AI score0.0034EPSS
Exploits0References43
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.4 views

PT-2026-32425

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

7.5CVSS5.8AI score0.0034EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/04/11 8:10 a.m.5 views

Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509

...

8.8CVSS5.8AI score0.0034EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/08 11:26 p.m.6 views

SUSE CVE-2026-31842

Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization due to a case-sensitive comparison of the Transfer-Encoding header in src/reqs.c. The ischunkedtransfer function uses strcmp to compare the header value against "chunked", even though RFC 7230 specifies that...

8.7CVSS5.8AI score0.00899EPSS
Exploits1References3
Rows per page
Query Builder