115 matches found
Rack:: Static header_rules bypass via URL-encoded paths
Summary Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a URL-encoded variant of a static path can serve the same file without the headers...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Directory Traversal
Overview std/os is a Go standard library package std/os Affected versions of this package are vulnerable to Directory Traversal. Go Vulnerability Report:On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file...
CVE-2026-29087 @hono/node-server: Authorization bypass for protected static paths via encoded slashes in Serve Static Middleware
@hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @hono/node-server's static file serving together with route-based middleware protections e.g. protecting /admin/, inconsistent URL decoding can allow protected static resources to be accessed...
Directory Traversal
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the static file serving API. An attacker can access files outside the intended directory by placing symbolic links within the root directory and requesting those...
CVE-2026-27199 Werkzeug safe_join() allows Windows special device names
Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...
Werkzeug safe_join() allows Windows special device names
Werkzeug's safejoin function allows Windows device names as filenames if when preceded by other path segments. This was previously reported as https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safejoin accepts...
NocoDB Vulnerable to Stored Cross-Site Scripting via SVG upload
Summary A stored Cross-site Scripting XSS vulnerability exists in NocoDB’s attachment handling mechanism. Authenticated users can upload malicious SVG files containing embedded JavaScript, which are later rendered inline and executed in the browsers of other users who view the attachment. Because...
CVE-2025-66221 Werkzeug safe_join() allows Windows special device names
Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safejoin function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory...
Directory Traversal
Overview cn.dreampie:resty-httpclient is a Resty java httpClient Affected versions of this package are vulnerable to Directory Traversal via the Request function. An attacker can access or modify files outside the intended directory by supplying crafted input to the filename argument. Details A...
CVE-2025-34337 eGovFramework <= 4.3.1 Unauthenticated Encryption Oracle via Web Editor Image Upload Endpoints
eGovFramework/egovframe-common-components versions up to and including 4.3.1 includes Web Editor image upload and related file delivery functionality that uses symmetric encryption to protect URL parameters, but exposes an encryption oracle that allows attackers to generate valid ciphertext for...
EUVD-2020-0621
Malware in sbrugna...
EUVD-2006-6620
Malware in sbrugna...
EUVD-2006-3228
Malware in sbrugna...
EUVD-2018-0375
Malware in sbrugna...
EUVD-2016-2332
Malware in sbrugna...
EUVD-2023-2954
Malicious code in bioql PyPI...
EUVD-2024-1511
Malicious code in bioql PyPI...
CVE-2025-59049
Mockoon before 9.2.0 is affected by a Path Traversal and Local File Inclusion (LFI) in the static file serving endpoint. The issue stems from unsafe templating of the server filename using user input, enabling an attacker to read arbitrary files from the mock server filesystem. A fix is available...
CVE-2025-59049 Mockoon has a Path Traversal and LFI in the static file serving endpoint
Mockoon provides way to design and run mock APIs. Prior to version 9.2.0, a mock API configuration for static file serving follows the same approach presented in the documentation page, where the server filename is generated via templating features from user input is vulnerable to Path Traversal...