Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2026/03/24 12:0 a.m.4 views

salvo 安全漏洞

Salvo is a web framework developed by Salvo OpenSource. Versions of Salvo from 0.39.0 to 0.89.2 have security vulnerabilities. These vulnerabilities stem from the encodeurlpath function in the salvo-proxy component, which fails to normalize the "../sequence", potentially allowing for path travers...

7.5CVSS5.8AI score0.00565EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/03/23 11:40 p.m.2 views

CVE-2026-33242 Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass

Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...

7.5CVSS5.9AI score0.00565EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/03/23 11:40 p.m.2 views

CVE-2026-33242

Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...

7.5CVSS5.9AI score0.00565EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2026/03/23 11:40 p.m.13 views

CVE-2026-33242

Salvo (Rust web framework) has a Path Traversal and Access Control Bypass in the salvo-proxy component affecting versions 0.39.0–0.89.2. The root cause is encode_url_path failing to normalize ".." sequences, allowing unauthenticated attackers to reach unintended backend paths. Version 0.89.3 cont...

7.5CVSS5.9AI score0.00565EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2026/03/23 11:40 p.m.4 views

CVE-2026-33242 Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass

Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...

7.5CVSS5.9AI score0.00565EPSS
Exploits1References5
Github Security Blog
Github Security Blogadded 2026/03/19 12:44 p.m.8 views

Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass

Details A Path Traversal and Access Control Bypass vulnerability was discovered in the salvo-proxy component of the Salvo Rust framework v0.89.2. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g., protected...

7.5CVSS5.8AI score0.00565EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2026/03/19 12:44 p.m.1 views

GHSA-F842-PHM9-P4V4 Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass

Details A Path Traversal and Access Control Bypass vulnerability was discovered in the salvo-proxy component of the Salvo Rust framework v0.89.2. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g., protected...

7.5CVSS5.8AI score0.00565EPSS
Exploits1References5
Rows per page
Query Builder