
28 matches found

NVD
added 2026/05/01 9:16 p.m., 3 views

CVE-2026-39807

Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections. 'Elixir.Bandit.Pipeline':determine_scheme/2 in lib/bandit/pipeline.ex returns the client-supplied URI scheme verbatim, ignoring the...

CVSS 6.3, EPSS 0.00454
Exploits 0, References 4
ATTACKERKB
added 2026/04/27 1:45 p.m., 3 views

CVE-2026-32688

Allocation of Resources Without Limits or Throttling vulnerability in elixir-plug plug_cowboy allows unauthenticated remote denial of service via atom table exhaustion. Plug.Cowboy.Conn.conn/1 in lib/plug/cowboy/conn.ex calls String.to_atom/1 on the value returned by :cowboy_req.scheme/1. For HTTP/2...

CVSS 8.7, AI score 5.5, EPSS 0.00545
Exploits 0, References 5, Affected Software 1
OSV
added 2026/04/22 12:07 a.m., 1 view

OSV-2026-610 Memcpy-param-overlap in htx_replace_blk_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504612570 Crash type: Memcpy-param-overlap Crash state: htx_replace_blk_value http_replace_header_value http_scheme_based_normalize...

AI score 5.7
Exploits 0, References 1
OSV
added 2026/04/03 9:51 p.m., 3 views

GHSA-PF3H-QJGV-VCPR vLLM: Server-Side Request Forgery (SSRF) in `download_bytes_from_url`

Summary: A Server-Side Request Forgery (SSRF) vulnerability in download_bytes_from_url allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from the server, without any URL validation or domain restrictions. This can be used to target...

CVSS 5.4, AI score 6.1, EPSS 0.00246
Exploits 1, References 5
NVD
added 2026/03/30 8:16 p.m., 9 views

CVE-2026-31804

Tautulli is a Python-based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /pms_image_proxy endpoint accepts a user-supplied img parameter and forwards it to Plex Media Server's /photo/:/transcode transcoder without authentication and without restricting the scheme...

CVSS 5.3, EPSS 0.00277
Exploits 1, References 2
GithubExploit
added 2025/10/18 2:19 p.m., 260 views

Exploit for Server-Side Request Forgery in Apache Solr

CVE-2021-27905 | Sr No | Title...

CVSS 9.8, AI score 7, EPSS 0.93053
Exploits 5
RedhatCVE
added 2025/10/17 2:52 p.m., 2 views

CVE-2025-61536

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset magic links using the untrusted req.headers.host header and forces the http:// scheme. An attacker who can control the Host header or exploit a misconfigured proxy/load-balancer that forwards the header unchanged can cause reset lin...

CVSS 8.2, AI score 6.9, EPSS 0.00394
Exploits 0, References 1
OSV
added 2025/10/16 3:15 p.m., 1 view

CVE-2025-61536

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset magic links using the untrusted req.headers.host header and forces the http:// scheme. An attacker who can control the Host header or exploit a misconfigured proxy/load-balancer that forwards the header unchanged can cause reset lin...

CVSS 8.2, AI score 5.8, EPSS 0.00394
Exploits 0, References 2
NVD
added 2025/10/16 3:15 p.m., 2 views

CVE-2025-61536

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset magic links using the untrusted req.headers.host header and forces the http:// scheme. An attacker who can control the Host header or exploit a misconfigured proxy/load-balancer that forwards the header unchanged can cause reset lin...

CVSS 8.2, EPSS 0.00394
Exploits 0, References 2
CNNVD
added 2025/10/16 12:00 a.m., 2 views

Dev jobs handlebars security vulnerability

Dev jobs handlebars is a job search program by Felix Individual Developers. A security vulnerability exists in Dev jobs handlebars version 1.0 that stems from the use of an untrusted req.headers.host header to generate an absolute password reset link and force the use of an http scheme, which cou...

CVSS 8.2, AI score 6.8, EPSS 0.00394
Exploits 0, References 2
Vulnrichment
added 2025/10/16 12:00 a.m., 2 views

CVE-2025-61536

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset magic links using the untrusted req.headers.host header and forces the http:// scheme. An attacker who can control the Host header or exploit a misconfigured proxy/load-balancer that forwards the header unchanged can cause reset lin...

AI score 6.5, EPSS 0.00394
Exploits 0, References 2
CVE
added 2025/10/16 12:00 a.m., 9 views

CVE-2025-61536

FelixRiddle dev-jobs-handlebars 1.0 is affected by CVE-2025-61536. The issue arises from generating absolute password-reset (magic) links using the untrusted req.headers.host header and forcing the http:// scheme. This allows an attacker who can control the Host header (or a misconfigured proxy/l...

CVSS 8.2, AI score 6.5, EPSS 0.00394
Exploits 0, References 2
OSV
added 2025/03/04 2:15 p.m., 1 view

UBUNTU-CVE-2025-27424

Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability affects Firefox for iOS 136...

CVSS 4.3, AI score 5.8, EPSS 0.00242
Exploits 0, References 4
Cvelist
added 2025/03/04 1:31 p.m., 19 views

CVE-2025-27424 Firefox Mobile iOS Address Bar Spoof Using Server-Side Redirect to non-http Scheme

Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136...

EPSS 0.00242
Exploits 0, References 2
OSV
added 2024/11/06 8:15 a.m., 3 views

AZL-52402 CVE-2024-9681 affecting package cmake for versions less than 3.21.4-16

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl-using applications that enable HSTS, use URLs with the insecure HTTP:// scheme, and perform transfers with host...

CVSS 6.5, AI score 6.7, EPSS 0.0197
Exploits 1, References 1
Cvelist
added 2024/11/06 7:47 a.m., 27 views

CVE-2024-9681 HSTS subdomain overwrites parent cache entry

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl-using applications that enable HSTS, use URLs with the insecure HTTP:// scheme, and perform transfers with host...

EPSS 0.0197
Exploits 1, References 3
Veracode
added 2024/08/06 7:00 a.m., 15 views

Server-Side Request Forgery

@nuxt/icon is vulnerable to Server-Side Request Forgery. The vulnerability is due to improperly parsed proxied request paths in the /api/_nuxt_icon/[name] endpoint, which lets an attacker change the scheme and host of the request. An attacker can exploit this flaw by passing a path prefixed with...

CVSS 8.6, AI score 6.5, EPSS 0.00648
Exploits 0, References 3, Affected Software 1
Github Security Blog
added 2024/08/05 7:49 p.m., 24 views

Nuxt Icon affected by a Server-Side Request Forgery (SSRF)

Summary: nuxt/icon provides an API to allow client-side icon lookup. This endpoint is at /api/_nuxt_icon/[name]. The proxied request path is improperly parsed, allowing an attacker to change the scheme and host of the request. This leads to SSRF, and could potentially lead to sensitive data exposure...

CVSS 8.6, AI score 8.4, EPSS 0.00648
Exploits 0, References 4, Affected Software 1
OSV
added 2022/07/07 9:15 p.m., 4 views

DEBIAN-CVE-2022-2047

In Eclipse Jetty versions 9.4.0 through 9.4.46, 10.0.0 through 10.0.9, and 11.0.0 through 11.0.9, when parsing the authority segment of an http-scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario...

CVSS 2.7, AI score 6.2, EPSS 0.00931
Exploits 0, References 1
Debian CVE
added 2022/07/07 8:45 p.m., 46 views

CVE-2022-2047

In Eclipse Jetty versions 9.4.0 through 9.4.46, 10.0.0 through 10.0.9, and 11.0.0 through 11.0.9, when parsing the authority segment of an http-scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario...

CVSS 4, AI score 5.7, EPSS 0.00931
Exploits 0