80 matches found
@hapi/content header parser has a parameter smuggling issue that allows upload-filter bypass via duplicate parameters
Impact The two parsers resolved duplicates inconsistently and silently: - Content.disposition retained the last occurrence of each parameter. - Content.type retained the first occurrence of charset and boundary. Either behavior creates a parameter-smuggling primitive when another component in the...
GHSA-36HH-X5P5-JGC8 @hapi/content header parser has a parameter smuggling issue that allows upload-filter bypass via duplicate parameters
Impact The two parsers resolved duplicates inconsistently and silently: - Content.disposition retained the last occurrence of each parameter. - Content.type retained the first occurrence of charset and boundary. Either behavior creates a parameter-smuggling primitive when another component in the...
Ruby Rack 3.x < 3.1.21 / 3.2.x < 3.2.6 Multiple Vulnerabilities
The version of the Rack Ruby library installed on the remote host is 3.0.0.beta1 or later but prior to 3.1.21, or is 3.2.0 or later but prior to 3.2.6. It is, therefore, affected by multiple vulnerabilities: - Rack::Multipart::Parserhandlemimehead parses quoted multipart parameters using repeated...
CVE-2026-32762
A flaw was found in Rack, a modular Ruby web server interface. This vulnerability arises from improper parsing of the RFC 7239 Forwarded header, where semicolons within quoted values are incorrectly interpreted as delimiters. An attacker can exploit this by crafting a malicious Forwarded header,...
Rack 安全漏洞
Rack is a modular Ruby web server interface developed by Rack authors. There were security vulnerabilities in versions of Rack from 3.0.0.beta1 to 3.1.21, as well as in versions from 3.2.0 to 3.2.6. These vulnerabilities stemmed from improper parsing of forwarded headers, which could lead to...
CVE-2026-32939
DataEase is an open source data visualization analysis tool. Versions 2.10.19 and below have inconsistent Locale handling between the JDBC URL validation logic and the H2 JDBC engine's internal parsing. DataEase uses String.toUpperCase without specifying an explicit Locale, causing its security...
Security Bulletin: Vulnerabilities in MongoDB, Python, Node.js, Golang Go, Linux kernel affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in MongoDB, Python, Node.js, Golang Go and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, query parameter smuggling, remote execution of...
Unity Linux 20.1070e Security Update: golang (UTSA-2025-986182)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986182 advisory. Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit...
EUVD-2022-35112
Malicious code in bioql PyPI...
TencentOS Server 3: grafana (TSSA-2023:0097)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0097 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
OESA-2025-1056 podman security update
Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. Security Fixes: Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of...
OESA-2025-1053 podman security update
Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. Security Fixes: Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of...
Security Bulletin: Vulnerabilities in Golang Go affect watsonx.data
Summary Golang Go has multiple vulnerabilities that include HTTP injection, remote attacks to conduct query parameter smuggling, remote attackd to bypass security restrictions, and denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-32189 DESCRIPTION:...
golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...
GHSA-F42M-MVFV-CGW5 mlflow vulnerable to Path Traversal
A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...
CVE-2024-1593 Path Traversal via Parameter Smuggling in mlflow/mlflow
A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...
CVE-2024-1593 Path Traversal via Parameter Smuggling in mlflow/mlflow
A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...
BIT-GOLANG-2022-2880 Incorrect sanitization of forwarded query parameters in net/http/httputil
Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the quer...
CentOS 9 : grafana-9.0.9-2.el9
The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the grafana-9.0.9-2.el9 build changelog. - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by...
RHCOS 4 : OpenShift Container Platform 4.12.3 (RHSA-2023:0727)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0727 advisory. - golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers CVE-2022-2879 - golang:...