Lucene search

6 matches found

NVD
added 2026/05/08 4:16 a.m., 11 views

CVE-2026-42274

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs rule matching on the raw non-normalized request path, while downstream components may normalize dot-segments according to RFC 3986, Section 6.2.2.3. This discrepancy ca...

CVSS 7.8, EPSS 0.00368
Exploits: 0, References: 4
CVE
added 2026/05/08 3:43 a.m., 10 views

CVE-2026-42274

CVE-2026-42274 affects Heimdall (cloud-native Identity Aware Proxy and Access Control Decision service). Before v0.17.14, it matches rules on raw, non-normalized request paths while downstream components normalize dot-segments per RFC 3986, potentially authorizing requests whose normalized path d...

CVSS 7.8, AI score 5.7, EPSS 0.00368
Exploits: 0, References: 4
ATTACKERKB
added 2026/05/08 3:43 a.m., 6 views

CVE-2026-42274

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs rule matching on the raw non-normalized request path, while downstream components may normalize dot-segments according to RFC 3986, Section 6.2.2.3. This discrepancy ca...

CVSS 7.8, AI score 5.7, EPSS 0.00368
Exploits: 0, References: 5, Affected Software: 1
CNNVD
added 2025/10/28 12:0 a.m., 4 views

Red Hat build of Keycloak code issue vulnerability

Red Hat build of Keycloak is a web application for single sign-on from Red Hat USA. A code issue vulnerability exists in the Red Hat build of Keycloak, which stems from a proxy misconfiguration that could result in accessing the /admin path via a non-normalized path...

CVSS 3.7, AI score 6.6, EPSS 0.00364
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-2065

Malicious code in bioql PyPI...

CVSS 10, AI score 7.7, EPSS 0.03732
Exploits: 1, References: 10
Veracode
added 2019/05/16 3:58 a.m., 24 views

Access Control Bypass

Envoy is vulnerable to access control bypass attacks. This is because it does not normalize HTTP URL paths. A remote attacker could craft a relative path and could interpret the non-normalized path, allowing the attacker to access beyond the scope provided by the access control policy...

CVSS 10, AI score 9.1, EPSS 0.0268
Exploits: 0, References: 7, Affected Software: 1