766 matches found
EUVD-2026-33941
mint: Content-Length header accepts non-RFC "+" sign prefix...
CVE-2026-54430 Server-Site Request Forgery in liboauth2
liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...
CVE-2026-54430
liboauth2 is affected by a Server-Side Request Forgery in the oauth2_jose_jwks_aws_alb_resolve() function. The AWS ALB verifier reads signer and kid from the unverified JWT header; if the signer matches the configured ARN, the kid is appended to alb_base_url without URL encoding or path sanitizat...
EUVD-2026-41276
liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...
CVE-2026-54430
liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...
CVE-2026-8655
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...
CVE-2026-8655
CVE-2026-8655 corresponds to multiple memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway that can cause unpredictable behavior and DoS when the appliance is used as an Oracle load balancer, a DNS Proxy, or a DNS recursive resolver. The NVD/NIST entry and multiple security advi...
EUVD-2026-40308
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...
CVE-2026-8655 Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...
PT-2026-53881
Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description Memory overflow issues occur when NetScaler ADC is configured as an Oracle load balancer, a DNS Proxy, or a DNS recursive resolver...
CVE-2026-13763
This CVE affects AWS Application Load Balancer (ALB) with AWS WAF enabled, where inconsistent interpretation of HTTP/2 requests can allow bypass of WAF body inspection when the request body is fragmented across frames, leading to partial inspection. Affected component: HTTP/2 ALB target groups; r...
CVE-2026-13763
Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This iss...
PT-2026-53692
Name of the Vulnerable Software and Affected Versions AWS Application Load Balancer affected versions not specified Description Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer when AWS WAF is enabled may allow remote actors to bypass managed rule body inspection. B...
GHSA-RJFV-PJVX-MJGV vulnerabilities
Vulnerabilities for packages: aws-load-balancer-controller, aws-load-balancer-controller-fips...
CVE-2026-54287
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple Set-Cookie headers into one comma-separated value. Because commas also appear inside cookie attribute...
CVE-2026-54287 Hono: AWS Lambda adapter merges multiple `Set-Cookie` headers into one value, dropping cookies on ALB single-header and Lattice
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple Set-Cookie headers into one comma-separated value. Because commas also appear inside cookie attribute...
CVE-2026-54287
Summary: Hono’s AWS Lambda adapter, in the ALB single-header mode and VPC Lattice v2, concatenates multiple Set-Cookie headers into a single comma-separated value, causing cookie attributes that include commas (e.g., Expires) to be misparsed or dropped. Affected components: Hono web framework; AW...
GHSA-RJFV-PJVX-MJGV vulnerabilities
Vulnerabilities for packages: aws-load-balancer-controller...
hono: AWS Lambda adapter merges multiple `Set-Cookie` headers into one value, dropping cookies on ALB single-header and Lattice
Summary On AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple Set-Cookie headers into one comma-separated value. Because commas also appear inside cookie attributes for example Expires dates, clients cannot split the value back into individual cookies and...
GHSA-J6C9-X7QJ-28XF hono: AWS Lambda adapter merges multiple `Set-Cookie` headers into one value, dropping cookies on ALB single-header and Lattice
Summary On AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple Set-Cookie headers into one comma-separated value. Because commas also appear inside cookie attributes for example Expires dates, clients cannot split the value back into individual cookies and...