6 matches found
PT-2026-51581
Name of the Vulnerable Software and Affected Versions ash-project ash versions 3.0.0 through 3.29.2 Description An issue exists where users can set the value of a private action argument intended to be controlled exclusively by trusted server-side code. Action arguments declared with public?: fal...
CVE-2026-3260
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like getParameterMap, the server prematurely parses and stores this content to...
CVE-2026-3260
CVE-2026-3260 affects Undertow and enables Denial of Service via premature multipart/form-data parsing when a GET request with multipart/form-data is processed (e.g., via getParameterMap). The issue is caused by content being parsed and stored to disk during parameter handling, leading to resourc...
CVE-2026-3260 Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like getParameterMap, the server prematurely parses and stores this content to...
CVE-2026-3260 Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like getParameterMap, the server prematurely parses and stores this content to...
CVE-2025-15124
A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap of the file /sys/sysDepartPermission/list. The manipulation of the argument departId leads to improper authorization. The attack can be initiated remotely. The attack's complexity is rated as high...