6240 matches found
CVE-2026-44889
WebOb provides objects for HTTP requests and responses. Prior to 1.8.10, the normalization of the HTTP Location header during a redirect is vulnerable to an open redirect: WebOb joins the redirect target to the request URI using Python's urljoin, and since Python 3.10 the underlying urlsplit stri...
UBUNTU-CVE-2026-44889
WebOb provides objects for HTTP requests and responses. Prior to 1.8.10, the normalization of the HTTP Location header during a redirect is vulnerable to an open redirect: WebOb joins the redirect target to the request URI using Python's urljoin, and since Python 3.10 the underlying urlsplit stri...
CVE-2026-44889 WebOb: Location header normalization during redirect leads to open redirect
WebOb provides objects for HTTP requests and responses. Prior to 1.8.10, the normalization of the HTTP Location header during a redirect is vulnerable to an open redirect: WebOb joins the redirect target to the request URI using Python's urljoin, and since Python 3.10 the underlying urlsplit stri...
CVE-2026-44889
WebOb (HTTP request/response utilities) is affected prior to version 1.8.10 by an open redirect in Location header normalization during redirects. The vulnerability arises from how WebOb uses urljoin/urlsplit to combine the redirect target with the request URL; since Python 3.10, urlsplit strips ...
CVE-2026-44889
WebOb provides objects for HTTP requests and responses. Prior to 1.8.10, the normalization of the HTTP Location header during a redirect is vulnerable to an open redirect: WebOb joins the redirect target to the request URI using Python's urljoin, and since Python 3.10 the underlying urlsplit stri...
MINI-JCF7-QX3R-37XV
Bulletin has no description...
MINI-WGWP-RM9G-7P57
Bulletin has no description...
MINI-37FM-78JH-R7H5
Bulletin has no description...
MINI-544W-VRMV-G3FR
Bulletin has no description...
MINI-J7FC-23XH-PGR2
Bulletin has no description...
MINI-C47P-FJ2X-WW4X
Bulletin has no description...
MINI-73G2-8V54-Q3HG
Bulletin has no description...
MINI-VHWW-P47X-Q2M6
Bulletin has no description...
MINI-XV3W-625M-FCXX
Bulletin has no description...
MINI-CHJ3-J2MJ-CQ7Q
Bulletin has no description...
MINI-F8CH-HP76-WW77
Bulletin has no description...
MINI-PQP6-82RJ-WF49
Bulletin has no description...
CVE-2026-56218 Capgo - EXIF Metadata Exposure via Image Upload
Capgo before 12.128.2 fails to strip EXIF metadata including GPS geolocation data from uploaded images, allowing information disclosure. Attackers can download uploaded images and extract precise latitude and longitude coordinates revealing user physical location at capture time...
CVE-2026-56218
Capgo prior to 12.128.2 does not strip EXIF metadata (including GPS coordinates) from uploaded images, enabling disclosure of users’ precise location. Attackers can download images and extract coordinates at capture time. Remediation: upgrade Capgo to version 12.128.2 or later.
MINI-4MH4-25J3-4349
Bulletin has no description...