3 matches found
Resty has a Path Traversal vulnerability
A security vulnerability has been detected in Dreampie Resty versions up to the 1.3.1.SNAPSHOT. This affects the function Request of the file /resty-httpclient/src/main/java/cn/dreampie/client/HttpClient.java of the component HttpClient Module. Such manipulation of the argument filename leads to...
SUSE CVE-2025-29914
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUESTFILENAME will be...
Use of Incorrectly-Resolved Name or Reference
Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference when parsing URIs in ProcessURI. An attacker can bypass security rules by sending URIs that starting with //. which lead to an incorrect setting of the REQUESTFILENAME. PoC go package main...