10 matches found
Directory Traversal
Overview github.com/traefik/traefik/v2/pkg/server is a server package for traefik, a cloud native edge router. Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using anoth...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal when routing requests to a backend using a PathPrefix, Path, or PathRegex matcher. An attacker can bypass the middleware chain to access backend services by including traversal sequences like /../ in a request. Detai...
CVE-2025-32431 Traefik has a possible vulnerability with the path matchers
Traefik pronounced traffic is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backe...
Traefik 路径遍历漏洞
Traefik is an open source reverse proxy and load balancing tool from Traefik Open Source. Traefik suffers from a path traversal vulnerability that stems from the fact that when managing requests using a PathPrefix, Path, or PathRegex matcher, it is possible to bypass the middleware chain by using...
nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe
A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...
nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe
A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...
nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe
A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...
GHSA-HJ48-42VR-X3V9 Regular Expression Denial of Service in path-parse
Affected versions of npm package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...
nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe
A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...
PT-2020-13490 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 8.12 through 13.3.8 GitLab EE versions 13.4 through 13.4.4 GitLab EE versions 13.5 through 13.5.1 Description: An issue has been discovered in GitLab EE where a regular expression related to a file path resulted in the...