Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the gettemplate function. An attacker can access arbitrary files readable by the process by supplying a specially crafted URI with a double-slash prefix, which bypasses path normalization checks. Note: This is...

BIT-MASTODON-2026-33868 Mastodon has a GET-Based Open Redirect via '/web/%2F<domain>'

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an unauthenticated Open Redirect vulnerability CWE-601 exists in the /web/ route due to improper handling of URL-encoded path segments. An attacker can craft a specially encode...

CVE-2026-33868 Mastodon has a GET-Based Open Redirect via '/web/%2F<domain>'

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an unauthenticated Open Redirect vulnerability CWE-601 exists in the /web/ route due to improper handling of URL-encoded path segments. An attacker can craft a specially encode...

opennextjs-cloudflare has SSRF vulnerability via /cdn-cgi/ path normalization bypass

A Server-Side Request Forgery SSRF vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler. The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In...

CVE-2026-3125 SSRF vulnerability in opennextjs-cloudflare via /cdn-cgi/ path normalization bypass

A Server-Side Request Forgery SSRF vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In...

CVE-2026-3125

CVE-2026-3125 affects the @opennextjs/cloudflare package and its /cdn-cgi/image/ handler. A path normalization bypass (using a backslash in the path, e.g., /cdn-cgi\image/…) can bypass Cloudflare edge interception, allowing requests to reach the Worker and trigger an unvalidated fetch of arbitrar...

CVE-2026-3125 SSRF vulnerability in opennextjs-cloudflare via /cdn-cgi/ path normalization bypass

A Server-Side Request Forgery SSRF vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In...

PT-2026-23032

Name of the Vulnerable Software and Affected Versions @opennextjs/cloudflare affected versions not specified Description A Server-Side Request Forgery SSRF issue exists in the @opennextjs/cloudflare package. This is due to a path normalization bypass in the /cdn-cgi/image/ handler. Specifically,...

OpenNext for Cloudflare 安全漏洞

OpenNext for Cloudflare is an OpenNext open-source adapter that allows deploying Next.js applications on Cloudflare. There is a security vulnerability in OpenNext for Cloudflare, which stems from path normalization bypasses. This vulnerability may lead to server-side request forgeing and private...

Interpretation Conflict

Overview @fastify/middie is a Middleware engine for Fastify Affected versions of this package are vulnerable to Interpretation Conflict via the middleware matching engine when router options like ignoreDuplicateSlashes, useSemicolonDelimiter, or other trailing-slash normalization are enabled. An...

GO-2025-4206 Path Normalization Bypass in Traefik Router + Middleware Rules in github.com/traefik/traefik

Path Normalization Bypass in Traefik Router + Middleware Rules in github.com/traefik/traefik...

SUSE CVE-2025-66490

Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix, Path or PathRegex matchers can bypass path normalization. When Traefik uses path-based routing, requests containing URL-encoded restricted characters /, , Null,...

CVE-2025-66490

Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix, Path or PathRegex matchers can bypass path normalization. When Traefik uses path-based routing, requests containing URL-encoded restricted characters /, , Null,...

CVE-2025-66490 Traefik doesn't Prevent Path Normalization Bypass in Router + Middleware Rules

Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix, Path or PathRegex matchers can bypass path normalization. When Traefik uses path-based routing, requests containing URL-encoded restricted characters /, , Null,...

CVE-2025-66490

CVE-2025-66490 affects Traefik, where versions prior to 2.11.32 and 2.11.31–3.6.2 could bypass path normalization when using PathPrefix, Path, or PathRegex matchers. Under path-based routing, requests containing URL-encoded restricted characters (/, , Null, ;, ?, #) may bypass the middleware chai...

CVE-2025-66490 Traefik doesn't Prevent Path Normalization Bypass in Router + Middleware Rules

Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix, Path or PathRegex matchers can bypass path normalization. When Traefik uses path-based routing, requests containing URL-encoded restricted characters /, , Null,...

Traefik 安全漏洞

Traefik is an open source reverse proxy and load balancing tool from Traefik Open Source. A security vulnerability exists in Traefik versions 2.11.31 through 3.6.2, which stems from a path normalization bypass that could result in requests bypassing security controls...

PT-2025-49684

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.32 and 2.11.31 through 3.6.2 Description Traefik is an HTTP reverse proxy and load balancer. Requests using PathPrefix, Path, or PathRegex matchers can bypass path normalization. When Traefik uses path-based...