3 matches found
CVE-2025-64765
Astro (web framework) vulnerability CVE-2025-64765 and related advisories describe a path normalization mismatch: Astro uses decodeURI for routing, while middleware reads context.url.pathname without the same normalization. This permits bypassing path-based authentication by double-encoded URLs (...
MAL-2025-191686 Malicious code in aws-enumerateiam (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c108190780b32337fdce8748948935ac4229f0236710653f363b80a95dfbcd17 Before creating the boto3 client, package exfiltrates user's credentials. In this version, the exfiltrating is masked as connecting to an AWS component. The UR...
UBUNTU-CVE-2020-12409
When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox 77...