76 matches found
GHSA-GM2X-2G9H-CCM8 go-git missing validation decoding Index v4 files leads to panic
Impact go-git’s index decoder for format version 4 fails to validate the path name prefix length before applying it to the previously decoded path name. A maliciously crafted index file can trigger an out-of-bounds slice operation, resulting in a runtime panic during normal index parsing. This...
PT-2026-29156
Name of the Vulnerable Software and Affected Versions go-git versions prior to 5.17.1 Description The go-git library’s index decoder for Git index format version 4 does not properly validate the path name prefix length before applying it to the previously decoded path name. A specially crafted...
CVE-2026-23942
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...
UBUNTU-CVE-2026-23942
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...
CVE-2026-23942 SFTP root escape via component-agnostic prefix check in ssh_sftpd
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...
UBUNTU-CVE-2026-22860
Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, Rack::Directory’s path check used a string prefix match on the expanded path. A request like /../rootexample/ can escape the configured root if the target path starts with the root string, allowing directory...
@fastify/middie security vulnerabilities
@fastify/middie is an open-source middleware engine developed by Fastify. Versions of @fastify/middie prior to 9.1.0 contained security vulnerabilities. These vulnerabilities were due to improper path prefix matching, which could allow the middleware to bypass security checks...
@fastify/express security vulnerability
@fastify/express is a compatibility plugin developed by Fastify. Versions of @fastify/express prior to 4.0.3 contained security vulnerabilities. These vulnerabilities were caused by improper path prefix matching, which could allow middleware to bypass security checks...
PT-2026-3452
Name of the Vulnerable Software and Affected Versions @fastify/express versions prior to 4.0.3 Description A security issue exists in the @fastify/express plugin, which provides Express compatibility for Fastify. The problem occurs when middleware is registered with a specific path prefix...
PT-2026-20305
Name of the Vulnerable Software and Affected Versions Rack versions prior to 2.2.22 Rack versions prior to 3.1.20 Rack versions prior to 3.2.5 Description The Rack::Directory component had a path check that used a string prefix match on the expanded path. A crafted request, such as /../root...
CVE-2025-64500
Affected component: Symfony HttpFoundation (Symfony PHP framework). Vulnerability: The Request class improperly interprets some PATH_INFO, allowing representation of URLs without a leading slash and potentially bypassing access-control rules that assume a leading “/”. Versions and root cause: Pri...
EUVD-2025-23570
Malicious code in bioql PyPI...
CVE-2025-54387
IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path...
CVE-2025-54387
IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path...
CVE-2025-54387 IPX is Vulnerable to Path Traversal via Prefix Matching Bypass
IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path...
IPX 安全漏洞
IPX is an image optimizer open-sourced by UnJS. A security vulnerability exists in IPX versions 1.3.1 and earlier, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, which stems from improper path prefix checking and could lead to path prefix bypass...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using another router, by-passing the middleware chain by crafting a request with a manipulated path using...
Directory Traversal
Overview github.com/traefik/traefik/v2/pkg/server is a server package for traefik, a cloud native edge router. Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using anoth...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using another router, by-passing the middleware chain by crafting a request with a manipulated path using...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal when routing requests to a backend using a PathPrefix, Path, or PathRegex matcher. An attacker can bypass the middleware chain to access backend services by including traversal sequences like /../ in a request. Detai...