12 matches found
CVE-2026-47676 Hono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, app.mount strips the mount prefix from the incoming request path using the raw URL pathname, while route matching is performed against the percent-decoded path. This inconsistency causes the...
DeepCode path traversal vulnerability
DeepCode is an open-source multi-agent code generation tool by Data Intelligence Lab@HKU. Versions of DeepCode prior to commit c991dc2 contained a path traversal vulnerability. The vulnerability originated from the SPA catch-all route in newui/backend/main.py, which had a path traversal vulnerability...
Nitro path traversal vulnerability
Nitro is an open-source, zero-configuration production-grade server extension tool developed by Nitro. Versions prior to Nitro 3.0.260429-beta contained a path traversal vulnerability. This vulnerability allowed attackers to send percent-encoded paths in URLs, causing Nitro to redirect requests to...
Directory Traversal
Overview: org.webjars.npm:nitropack is a package for building and deploying universal JavaScript servers. Affected versions of this package are vulnerable to Directory Traversal via the routeRules function. An attacker can access files or endpoints outside the intended proxy scope by sending specially crafted URLs...
CVE-2026-6321
fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...
CVE-2026-6414
A flaw was found in @fastify/static. A remote attacker can exploit this vulnerability by sending specially crafted requests that include percent-encoded path separators. This mismatch in how @fastify/static decodes these separators compared to the Fastify router allows the attacker to bypass...
Improper Handling of Length Parameter Inconsistency
Overview: rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...
CVE-2026-34831 Rack: Content-Length mismatch in Rack::Files error responses
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Files#fail sets the Content-Length response header using String#size instead of String#bytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the...
PT-2026-29819
Name of the Vulnerable Software and Affected Versions: Rack versions prior to 2.2.23, 3.1.21, and 3.2.6. Description: Rack's Rack::Files#fail function incorrectly calculates the Content-Length response header using String#size instead of String#bytesize. This occurs when the response body contains...
Directory Traversal
Overview: org.webjars.npm:h3 is a minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to Directory Traversal via the serveStatic function. An attacker can access arbitrary files outside the intended static directory by sending crafted...
GHSA-VCVG-XGR8-P5GQ Arbitrary file read using percent-encoded relative paths in FileMiddleware
Impact: Attackers can access data at arbitrary filesystem paths on the same host as an application using FileMiddleware. Patches: Version 4.29.4. Workarounds: Upgrade to 4.24.4 or later, or disable FileMiddleware. References: Introduced in https://github.com/vapor/vapor/pull/2223. Fixed by...
Arbitrary File Read
Overview: vapor/vapor is a server-side Swift HTTP web framework. Affected versions of this package are vulnerable to Arbitrary File Read, caused by percent-encoded relative paths in FileMiddleware. Remediation: Upgrade vapor/vapor to version 4.29.4 or higher. References: - GitHu...