2 matches found
PT-2026-37188
Name of the Vulnerable Software and Affected Versions Heimdall versions prior to 0.17.14 Description Heimdall performs rule matching on the raw request path, whereas downstream components may normalize dot-segments according to RFC 3986. This discrepancy allows for the authorization of a request...
PT-2026-37187
Name of the Vulnerable Software and Affected Versions Heimdall versions prior to 0.17.14 Description Heimdall performs host matching in a case-sensitive manner, which conflicts with the case-insensitive nature of HTTP hostnames. This discrepancy allows a request host that differs only in letter...