Lucene search
K

1651 matches found

Nuclei
Nuclei
added 2 days ago754 views

aiohttp - Directory Traversal

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'followsymlinks' can be used to determine whether to follow symboli...

7.5CVSS6.8AI score0.76875EPSS
Exploits15References3
OSV
OSV
added 6 days ago2 views

GHSA-Q6GH-6V2R-HJV3 Micronaut: DefaultHttpClient follows redirects, forwarding Authorization, Cookie, and Proxy-Authorization headers

Impact DefaultHttpClient follows redirects and forwards Authorization, Cookie, and Proxy-Authorization headers to redirect targets across domain boundaries. The blocklist only filters Host/Connection/TE/CT/CL. Additionally, no maximum redirect count exists, enabling infinite loop DoS. Affected:...

6.8CVSS6AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/08 8:21 a.m.4 views

CVE-2026-55688

A flaw was found in the AsyncHttpClient AHC library. The ThreadSafeCookieStore component did not properly verify the domain attribute of cookies, allowing a malicious host to set a cookie for an unrelated domain. This cookie would then be sent by the client in subsequent requests to the targeted...

4CVSS5.8AI score0.00179EPSS
Exploits0References5
OSV
OSV
added 2026/07/07 3:26 p.m.5 views

GO-2026-5890 Kerberos Hub private key (X-Kerberos-Hub-PrivateKey) leaked to cross-host redirect target due to redirect-following HTTP client without CheckRedirect in github.com/kerberos-io/agent/machinery

Kerberos Hub private key X-Kerberos-Hub-PrivateKey leaked to cross-host redirect target due to redirect-following HTTP client without CheckRedirect in github.com/kerberos-io/agent/machinery...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/07/01 8:17 p.m.3 views

DEBIAN-CVE-2026-55688

The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. In versions from 2.0.0 prior to 2.16.0 and from 3.0.0.Beta1 prior to 3.0.11, ThreadSafeCookieStore stored a cookie under the value of its Domain attribute without...

4CVSS5.8AI score0.00179EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 7:40 p.m.22 views

CVE-2026-55688

Affected software: AsyncHttpClient (AHC) library for Java. Vulnerable versions: 2.0.0 up to (but not including) 2.16.0, and 3.0.0.Beta1 up to (but not including) 3.0.11. Root cause: ThreadSafeCookieStore may store a cookie using the.Domain value without validating that the responding host is allo...

4CVSS5.8AI score0.00179EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 7:40 p.m.10 views

CVE-2026-55688

The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. In versions from 2.0.0 prior to 2.16.0 and from 3.0.0.Beta1 prior to 3.0.11, ThreadSafeCookieStore stored a cookie under the value of its Domain attribute without...

4CVSS5.8AI score0.00179EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

openSUSE 16 Security Update : python-tornado6 (openSUSE-SU-2026:21067-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21067-1 advisory. This update for python-tornado6 fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in...

7.7CVSS6AI score0.00052EPSS
Exploits0References9
OSV
OSV
added 2026/06/22 6:16 p.m.5 views

DEBIAN-CVE-2026-46417

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how...

6.1CVSS5.8AI score0.00221EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/22 4:32 p.m.6 views

CVE-2026-54279

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. This vulnerability is fixed in 3.14.1...

7.5CVSS5.8AI score0.00279EPSS
Exploits0
Fedora
Fedora
added 2026/06/21 1:1 a.m.7 views

[SECURITY] Fedora 44 Update: erlang-gun-2.4.1-1.fc44

Erlang HTTP client with support for HTTP/1.1, HTTP/2, Websocket and more...

8.7CVSS5.8AI score0.00381EPSS
Exploits0
Snyk
Snyk
added 2026/06/17 6:21 p.m.7 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in the HTTP/1.1 client when an attacker-controlled upstream server injects an unsolicited response onto an idle keep-alive...

6.3CVSS5.9AI score0.00228EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/15 8:41 p.m.8 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Missing Critical Step in Authentication (CVE-2026-40542)

Summary There are vulnerabilities in httpclient5-5.6.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-40542. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-40542 DESCRIPTION: Missing critical step in authentication in Apache HttpClient 5.6 allows an...

7.3CVSS5.2AI score0.00456EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/15 8:19 p.m.8 views

GHSA-MGF9-4VPG-HJ56 tornado AsyncHTTPClient accumulates decompressed chunks without size limit (gzip bomb)

Tornado's gzip decompression routines work in limited-size chunks, but have no overall limit for the total size of decompressed chunks that they will accumulate There has always been a limit for the total compressed size. This allows a malicious server to consume effectively unlimited amounts of...

7.5CVSS5.4AI score0.00052EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/15 5:31 p.m.8 views

Symfony: IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-compatible): SSRF Bypass in NoPrivateNetworkHttpClient

Description Symfony\Component\HttpClient\NoPrivateNetworkHttpClient is documented as a decorator that blocks requests to private networks by default. The list of blocked subnets Symfony\Component\HttpFoundation\IpUtils::PRIVATESUBNETS on 6.4+, a private constant in NoPrivateNetworkHttpClient on 5...

6.9CVSS5.3AI score0.00029EPSS
Exploits0References8Affected Software3
Cvelist
Cvelist
added 2026/06/12 2:15 p.m.30 views

CVE-2026-47139 vm2: NodeVM network builtin exclusions bypass via internal _http_client and _http_server

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to http, https, http2, net, dgram, tls, dns, and dns/promises is blocked. However, Node.js also exposes...

8.6CVSS0.00282EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/12 2:15 p.m.11 views

CVE-2026-47139 vm2: NodeVM network builtin exclusions bypass via internal _http_client and _http_server

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to http, https, http2, net, dgram, tls, dns, and dns/promises is blocked. However, Node.js also exposes...

8.6CVSS5.3AI score0.00282EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.10 views

SUSE CVE-2026-48856

Sensitive Data Exposure vulnerability in Erlang OTP inets httpcresponse module allows Retrieve Embedded Sensitive Data. The httpc client forwards the Authorization and Proxy-Authorization request headers to redirect targets without checking whether the redirect crosses an origin boundary...

7.1CVSS5.3AI score0.00335EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/11 6:55 p.m.24 views

CVE-2026-49949 CodexBar < 0.33.0 Credential Leakage via HTTP Redirect

CodexBar before 0.33.0 contains a credential forwarding vulnerability that allows network-adjacent attackers to intercept sensitive credentials by issuing cross-origin or HTTP-downgrade redirects to the shared ProviderHTTPClient transport. Attackers can redirect credentialed provider requests...

6CVSS0.00253EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.7 views

FreeBSD : Erlang/OTP -- httpc leaks authentication headers on cross-host redirect (d87e2466-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87e2466-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-m75x-4vwg-ggjh reports: The HTTP client httpc in...

7.1CVSS5.4AI score0.00335EPSS
Exploits0References3
Rows per page
Query Builder