4 matches found
CVE-2023-6601
CVE-2023-6601 is a vulnerability in FFmpeg’s HLS demuxer that enables bypassing unsafe file extension checks and triggering arbitrary demuxers via base64 data URIs with specific extensions. Public details in the provided connected advisories attribute the issue to FFmpeg and acknowledge fixes in ...
VulnCheck KEV: CVE-2021-34429
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Eclipse Jetty
CVE-2021-34429 POC for CVE-2021-34429 - Eclipse Jetty 11.0.5 S...
tomcat Unicode directory traversal vulnerability
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...