Lucene search
K

55 matches found

NVD
NVD
added 2026/07/02 10:16 a.m.7 views

CVE-2026-14336

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

8.2CVSS0.00321EPSS
Exploits0References1
Mageia
Mageia
added 2026/06/18 9:28 p.m.12 views

Updated ruby-rack packages fix security vulnerabilities

CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. Forwarded header semicolon injection enables Host and Scheme spoofing. CVE-2026-34230 Quadratic complexity in Rack::Utils.selectbestencoding via wildcard Accept-Encoding header. CVE-2026-34763 Root...

7.5CVSS5AI score0.00475EPSS
Exploits2References13
OSV
OSV
added 2026/06/18 9:28 p.m.7 views

MGASA-2026-0226 Updated ruby-rack packages fix security vulnerabilities

CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. Forwarded header semicolon injection enables Host and Scheme spoofing. CVE-2026-34230 Quadratic complexity in Rack::Utils.selectbestencoding via wildcard Accept-Encoding header. CVE-2026-34763 Root...

7.5CVSS5.2AI score0.00475EPSS
Exploits2References14
OSV
OSV
added 2026/04/02 8:31 p.m.2 views

GHSA-QFGR-CRR9-7R49 Rack: Forwarded Header semicolon injection enables Host and Scheme spoofing

Summary Rack::Utils.forwardedvalues parses the RFC 7239 Forwarded header by splitting on semicolons before handling quoted-string values. Because quoted values may legally contain semicolons, a header such as: http Forwarded: for="127.0.0.1;host=evil.com;proto=https" can be interpreted by Rack as...

4.8CVSS6AI score0.00179EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/02 8:31 p.m.11 views

Rack: Forwarded Header semicolon injection enables Host and Scheme spoofing

Summary Rack::Utils.forwardedvalues parses the RFC 7239 Forwarded header by splitting on semicolons before handling quoted-string values. Because quoted values may legally contain semicolons, a header such as: http Forwarded: for="127.0.0.1;host=evil.com;proto=https" can be interpreted by Rack as...

6.5CVSS5.9AI score0.00179EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/04/02 6:20 p.m.8 views

Interpretation Conflict

Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...

6.5CVSS5.9AI score0.00179EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/02 5:6 p.m.31 views

CVE-2026-32762 Rack: Forwarded Header semicolon injection enables Host and Scheme spoofing

Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21 and 3.2.0 to before 3.2.6, Rack::Utils.forwardedvalues parses the RFC 7239 Forwarded header by splitting on semicolons before handling quoted-string values. Because quoted values may legally contain semicolons...

4.8CVSS0.00179EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/02 5:6 p.m.4 views

CVE-2026-32762 Rack: Forwarded Header semicolon injection enables Host and Scheme spoofing

Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21 and 3.2.0 to before 3.2.6, Rack::Utils.forwardedvalues parses the RFC 7239 Forwarded header by splitting on semicolons before handling quoted-string values. Because quoted values may legally contain semicolons...

4.8CVSS5.7AI score0.00179EPSS
Exploits0References1
CVE
CVE
added 2026/04/02 5:6 p.m.16 views

CVE-2026-32762

Rack is a modular Ruby web server interface. Vulnerability CVE-2026-32762 affects Rack::Utils.forwarded_values in versions 3.0.0.beta1–3.1.20 and 3.2.0–3.2.5, where the Forwarded header is parsed by splitting on semicolons before handling quoted values. Because semicolons may appear inside quoted...

6.5CVSS5.7AI score0.00179EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29921

Summary Rack::Utils.forwarded values parses the RFC 7239 Forwarded header by splitting on semicolons before handling quoted-string values. Because quoted values may legally contain semicolons, a header such as: http Forwarded: for="127.0.0.1;host=evil.com;proto=https" can be interpreted by Rack a...

4.8CVSS5.9AI score0.00179EPSS
Exploits0References4
RubySec
RubySec
added 2026/04/02 12:0 a.m.30 views

Rack - Forwarded Header semicolon injection enables Host and Scheme spoofing

Summary Rack::Utils.forwardedvalues parses the RFC 7239 Forwarded header by splitting on semicolons before handling quoted-string values. Because quoted values may legally contain semicolons, a header such as: http Forwarded: for="127.0.0.1;host=evil.com;proto=https" can be interpreted by Rack as...

6.5CVSS5.9AI score0.00179EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/25 7:32 p.m.6 views

fastify: request.protocol and request.host Spoofable via X-Forwarded-Proto/Host from Untrusted Connections

Summary When trustProxy is configured with a restrictive trust function e.g., a specific IP like trustProxy: '10.0.0.1', a subnet, a hop count, or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection — including...

6.1CVSS5.8AI score0.0012EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/03/25 7:32 p.m.4 views

GHSA-444R-CWP2-X5XF fastify: request.protocol and request.host Spoofable via X-Forwarded-Proto/Host from Untrusted Connections

Summary When trustProxy is configured with a restrictive trust function e.g., a specific IP like trustProxy: '10.0.0.1', a subnet, a hop count, or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection — including...

6.1CVSS5.8AI score0.0012EPSS
Exploits0References6
NVD
NVD
added 2026/03/24 8:16 p.m.17 views

CVE-2026-33511

pyLoad is a free and open-source download manager written in Python. From version 0.4.20 to before version 0.5.0b3.dev97, the localcheck decorator in pyLoad's ClickNLoad feature can be bypassed by any remote attacker through HTTP Host header spoofing. This allows unauthenticated remote users to...

9.8CVSS0.00422EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/23 5:10 p.m.5 views

CVE-2026-3635

A flaw was found in fastify. When the trustProxy option is configured with a restrictive trust function, such as a specific IP, a subnet, a hop count or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection,...

6.1CVSS5.6AI score0.0012EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/23 1:53 p.m.1 views

CVE-2026-3635 Fastify request.protocol and request.host spoofable via X-Forwarded-Proto/Host from untrusted connections when trustProxy uses restrictive trust function

Summary When trustProxy is configured with a restrictive trust function e.g., a specific IP like trustProxy: '10.0.0.1', a subnet, a hop count, or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection — including...

6.1CVSS5.8AI score0.0012EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/23 1:53 p.m.3 views

CVE-2026-3635

Summary When trustProxy is configured with a restrictive trust function e.g., a specific IP like trustProxy: '10.0.0.1', a subnet, a hop count, or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection — including...

6.1CVSS5.8AI score0.0012EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/23 1:53 p.m.3 views

Use of Less Trusted Source

Overview fastify is an overhead web framework, for Node.js. Affected versions of this package are vulnerable to Use of Less Trusted Source in the request.protocol and request.host getters. An attacker can manipulate the perceived protocol and host by sending crafted X-Forwarded-Proto and...

6.1CVSS5.8AI score0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/23 1:53 p.m.24 views

CVE-2026-3635 Fastify request.protocol and request.host spoofable via X-Forwarded-Proto/Host from untrusted connections when trustProxy uses restrictive trust function

Summary When trustProxy is configured with a restrictive trust function e.g., a specific IP like trustProxy: '10.0.0.1', a subnet, a hop count, or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection — including...

6.1CVSS0.0012EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2001-0528

Malware in sbrugna...

7.5CVSS6.4AI score0.01958EPSS
Exploits0References3
Rows per page
Query Builder