Lucene search
K

4 matches found

Snyk
Snyk
added 2026/06/29 2:23 p.m.9 views

Interpretation Conflict

Overview fast-uri is a Dependency-free RFC 3986 URI toolbox Affected versions of this package are vulnerable to Interpretation Conflict in its parse, normalize, and equal functions, which call the nonexistent URL.domainToASCII static method and silently swallow the resulting TypeError into...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/29 2:23 p.m.9 views

Interpretation Conflict

Overview org.webjars.npm:fast-uri is a Dependency-free RFC 3986 URI toolbox Affected versions of this package are vulnerable to Interpretation Conflict in its parse, normalize, and equal functions, which call the nonexistent URL.domainToASCII static method and silently swallow the resulting...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References2
Hacker One
Hacker One
added 2026/04/05 6:17 a.m.18 views

curl: no_proxy IDN mismatch: Unicode hostnames bypass proxy exclusion list

Summary Unicode IDN hostnames in noproxy are never converted to punycode before comparison, so they never match the request hostname which curl has already converted to punycode. A user who types noproxy="bücher.de" and requests http://bücher.de/ expects the proxy to be bypassed. Instead curl...

7.5CVSS6.6AI score0.1654EPSS
Exploits1
securityvulns
securityvulns
added 2005/04/14 12:0 a.m.118 views

Internet Explorer wininet.dll URL parsing memory corruption details

Vendor: Microsoft Software: Internet Explorer 6.0, 5.5, 5.01 Problem: Memory corruption, code execution Remote: Yes Risk Level: Medium to low hard to exploit Authors: Axle ICQ 755756 bug discovery 3APA3A, http://www.security.nnov.ru/ bug research Original URL:...

7.5CVSS0.1AI score0.5791EPSS
Exploits0
Rows per page
Query Builder