CVE-2026-47774

No description is available for this CVE. Mitigation Disable HTTP/2 support on Envoy listeners where it is not strictly required, or deploy behind a CDN/reverse proxy that can absorb or rate-limit such attacks. Limiting the maximum number of concurrent streams and header list size via Envoy...

CVE-2025-57816

CVE-2025-57816 concerns the Fides Webserver API rate limiting. The issue arises in deployments that rely on the built‑in IP‑based rate limiter in proxied environments (CDNs, proxies, load balancers): limits are applied to the immediate connection IP rather than the client IP, and counters are sto...

MAL-2024-1553 Malicious code in @ing-caf/cdn-proxy-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 24ccbe0b13f81d2fe8d285bab144167d33f7b4e167833ebf615411db6d318eb6 The OpenSSF Package Analysis project identified '@ing-caf/cdn-proxy-plugin' @ 200.0.2 npm as malicious. It is considered malicious because: - Th...

gomeplus-h5-proxy path traversal vulnerability

gomeplus-h5-proxy is a module that can provide CDN resource proxies. A path traversal vulnerability exists in gomeplus-h5-proxy. An attacker can exploit this vulnerability by placing a '... /' sequence into a URL to access arbitrary files on the system...