Lucene search
K

946 matches found

Vulnrichment
Vulnrichment
added 2026/06/02 7:8 p.m.9 views

CVE-2026-48598 CRLF injection in Tesla.Multipart disposition parameters allows multipart part header injection

Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.partheadersfordisposition/1 interpolates each disposition parameter as k="v" with no validation of CR \r, LF \n, o...

2.1CVSS5.8AI score0.00143EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/02 7:8 p.m.36 views

CVE-2026-48598 CRLF injection in Tesla.Multipart disposition parameters allows multipart part header injection

Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.partheadersfordisposition/1 interpolates each disposition parameter as k="v" with no validation of CR \r, LF \n, o...

2.1CVSS0.00143EPSS
Exploits0References4
CVE
CVE
added 2026/06/02 7:8 p.m.30 views

CVE-2026-48598

The CVE-2026-48598 entry affects the Elixir Tesla library, specifically Tesla.Multipart.part_headers_for_disposition/1. The vulnerability arises from improper encoding of disposition parameters, treating each parameter as k="v" without sanitizing CR (\r), LF (\n), or double-quote characters. Mali...

2.1CVSS5.8AI score0.00143EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Tesla 安全漏洞

Tesla is an HTTP client software open source by Elixir Tesla. Versions of Tesla from 0.8.0 to 1.18.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of escaping of the Content-Disposition parameter value, which could lead to multipart header injection attacks...

2.1CVSS5.3AI score0.00143EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.16 views

PT-2026-45841

Name of the Vulnerable Software and Affected Versions tesla versions 0.8.0 through 1.18.2 Description Improper encoding or escaping of output allows multipart part header injection through unescaped Content-Disposition parameter values. The function part headers for disposition interpolates...

2.1CVSS6AI score0.00143EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/05/27 2:26 p.m.46 views

CVE-2026-47119 Agent Zero < 1.15 Stored XSS via image_get API Endpoint

Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript in the application origin by serving SVG files through the imageget API endpoint without Content-Security-Policy, X-Content-Type-Options, or Content-Dispositio...

6.1CVSS0.00236EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/27 12:37 a.m.13 views

Interpretation Conflict

Overview @hapi/content is a HTTP Content- headers parsing Affected versions of this package are vulnerable to Interpretation Conflict due to inconsistent handling of duplicate parameters in the Content.disposition and Content.type functions. An attacker can bypass upload filename allowlists or...

8.6CVSS5.8AI score0.00052EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/27 12:37 a.m.21 views

@hapi/content header parser has a parameter smuggling issue that allows upload-filter bypass via duplicate parameters

Impact The two parsers resolved duplicates inconsistently and silently: - Content.disposition retained the last occurrence of each parameter. - Content.type retained the first occurrence of charset and boundary. Either behavior creates a parameter-smuggling primitive when another component in the...

5.7AI score0.00052EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-43630

Impact The two parsers resolved duplicates inconsistently and silently: - Content.disposition retained the last occurrence of each parameter. - Content.type retained the first occurrence of charset and boundary. Either behavior creates a parameter-smuggling primitive when another component in the...

7.7CVSS5.7AI score0.00052EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.25 views

PT-2026-44139

Description SymfonyComponentMimeHeaderParameterizedHeader and the related parameter handling reachable from SymfonyComponentMimeHeaderHeaders is responsible for serializing structured headers such as Content-Type and Content-Disposition, which carry key=value parameters e.g. Content-Disposition:...

7.1CVSS5.8AI score0.00056EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/20 5:48 p.m.16 views

EUVD-2026-31146

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

9.4CVSS6.5AI score0.00563EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 5:48 p.m.31 views

CVE-2026-9102 Path Traversal in Altium Enterprise Server ComparisonService Allows Arbitrary File Write

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

9.4CVSS0.00563EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could lead to reflected file download attacks that potentially trick users into installing malware. This vulnerability affects Firefox 112, Focu...

8.8CVSS7.1AI score0.00737EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in ruby-sinatra

Sinatra is a domain-specific language for creating web applications in Ruby. A vulnerability was discovered in Sinatra 2.0 before versions 2.2.3 and 3.0 before version 3.0.4. The application is vulnerable to a reflected file download RFD attack, which causes the Content-Disposition header of a...

8.8CVSS6.9AI score0.00642EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

In multipart/x-mixed-replace responses, the Content-Disposition: attachment header in the response was not respected, and no download was forced, which could allow XSS attacks. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...

6.1CVSS6.8AI score0.00572EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Ruby-Rack

There is a denial-of-service vulnerability in the Content-Disposition parsing component of Rack, which was fixed in versions 2.0.9.2, 2.1.4.2, 2.2.4.1, and 3.0.0.1. This vulnerability could allow an attacker to create an input that causes the Content-Disposition header parsing in Rack to take an...

7.5CVSS6.6AI score0.01503EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libsoup2.4

A use-after-free vulnerability was discovered in libsoup, within the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...

9CVSS7AI score0.00847EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:40 p.m.16 views

Regular Expression Denial of Service (ReDoS)

Overview multiparty is a multipart/form-data parser which supports streaming Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the Content-Disposition filename parameter parsing. An attacker can cause excessive resource consumption and block the...

8.7CVSS5.8AI score0.00335EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/18 5:40 p.m.12 views

EUVD-2026-29439

multiparty vulnerable to ReDoS via filename parsing...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/18 5:40 p.m.11 views

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.npm:multiparty is a multipart/form-data parser which supports streaming Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the Content-Disposition filename parameter parsing. An attacker can cause excessive resource consumption...

8.7CVSS5.8AI score0.00335EPSS
Exploits0References2
Rows per page
Query Builder