CVE-2021-23387

The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as https://example.com//attacker.example/. The vulnerable code is in index.js::createTrailing, as the web server uses relative URLs...

Open redirect

The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as https://example.com//attacker.example/. The vulnerable code is in index.js::createTrailing, as the web server uses relative URLs...

CVE-2021-23387 Open Redirect

The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as https://example.com//attacker.example/. The vulnerable code is in index.js::createTrailing, as the web server uses relative URLs...

CVE-2021-23387

CVE-2021-23387 concerns the npm package trailing-slash. The vulnerability is an Open Redirect caused by the use of trailing double slashes in URLs accessed at vulnerable endpoints, with the flaw located in index.js::createTrailing() (web server uses relative URLs). Affected versions are before 2....

CVE-2021-23387

The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as https://example.com//attacker.example/. The vulnerable code is in index.js::createTrailing, as the web server uses relative URLs...

trailing-slash 输入验证错误漏洞

trailing-slash is an application. Add or remove trailing slashes and redirect. A security vulnerability exists in versions of trailing-slash prior to 2.0.1, when accessing vulnerable endpoints, through the use of trailing double slashes in URLs...

UBUNTU-CVE-2021-3531

A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability...

CVE-2021-23384

The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as https://example.com//attacker.example/. The vulnerable code is in index.js::removeTrailingSlashes, as the web serve...

Open redirect

The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as https://example.com//attacker.example/. The vulnerable code is in index.js::removeTrailingSlashes, as the web serve...

CVE-2021-23384 Open Redirect

The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as https://example.com//attacker.example/. The vulnerable code is in index.js::removeTrailingSlashes, as the web serve...

CVE-2021-23384

The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as https://example.com//attacker.example/. The vulnerable code is in index.js::removeTrailingSlashes, as the web serve...

MediaWiki code issue vulnerability (CNVD-2021-35232)

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A code issue vulnerability exists in MediaWiki version 1.35.2 and prior versions, which stems from the...

koa-remove-trailing-slashes 输入验证错误漏洞

koa-remove-trailing-slashes is an application. A Koa middleware that removes trailing slashes from paths. A security vulnerability exists in versions prior to koa-remove-trailing-slashes 2.0.2 that stems from vulnerability to Open Redirect...

UBUNTU-CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

CVE-2021-31553

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the culog database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could...

CVE-2021-31553

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the culog database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could...

PT-2021-19424 · Mediawiki +1 · Checkuser Extension +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.2 Description: An issue in the CheckUser extension allows MediaWiki usernames with trailing whitespace to be stored in the cu log database table, causing denial of service for certain CheckUser extension pages...

MediaWiki 代码问题漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A code issue vulnerability exists in MediaWiki version 1.35.2 and prior versions, which stems from the...

The vulnerability in the receive_xattr function of the xattrs.c utility for file transfer and synchronization in Rsync, related to reading beyond the buffer data limit, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in the receivexattr function of the xattrs.c utility for transferring and synchronizing files in Rsync relates to the lack of checking for the presence of a trailing dot in the file name. Exploiting this vulnerability could allow an attacker to gain access to confidential data,...

Open Redirect

Overview koa-remove-trailing-slashes is a Koa middleware that makes sure all requests does not have trailing slashes Affected versions of this package are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint such as...