Lucene search
+L

9 matches found

RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.7 views

io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters

A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure...

7.5CVSS6AI score0.00463EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/17 3:45 p.m.12 views

io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters

A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure...

7.5CVSS5.4AI score0.00463EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/05/06 5:25 a.m.14 views

CVE-2026-6321

A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by providing a specially crafted Uniform Resource Locator URL containing percent-encoded path separators and dot segments. Due to incorrect processing, fast-uri would decode these elements before proper normalization...

7.5CVSS5.8AI score0.00521EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-0375

Malicious code in bioql PyPI...

9.1CVSS9AI score0.01116EPSS
Exploits0References6
OSV
OSV
added 2024/03/06 11:11 a.m.12 views

BIT-VAULT-2020-10661

HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4...

9.1CVSS9.1AI score0.01116EPSS
Exploits0References3
NVD
NVD
added 2020/03/23 1:15 p.m.39 views

CVE-2020-10661

HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4...

9.1CVSS9.2AI score0.01116EPSS
Exploits0References2
OSV
OSV
added 2020/03/23 1:15 p.m.15 views

CVE-2020-10661

HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4...

9.1CVSS6.8AI score
Exploits0References2
CVE
CVE
added 2020/03/23 12:57 p.m.84 views

CVE-2020-10661

CVE-2020-10661 affects HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3. Under certain circumstances, existing nested-path policies could grant access to Namespaces created after-the-fact. The issue is resolved in version 1.3.4 (fix described by the vendor). The connected docume...

9.1CVSS9AI score0.01116EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/23 12:57 p.m.37 views

CVE-2020-10661

HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4...

9.2AI score0.01116EPSS
Exploits0References2
Rows per page
Query Builder