Lucene search
+L

4 matches found

Snyk
Snyk
added 2026/04/14 10:32 p.m.5 views

Reliance on Cookies without Validation and Integrity Checking

Overview Affected versions of this package are vulnerable to Reliance on Cookies without Validation and Integrity Checking via the serendipitysetCookie function. An attacker can cause authentication cookies, including session and auto-login tokens, to be scoped to an attacker-controlled domain by...

6.9CVSS5.7AI score0.00224EPSS
Exploits1References2
NVD
NVD
added 2025/02/03 9:15 p.m.9 views

CVE-2025-24961

org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addressed in version 2.6.0. Users are advised to upgrade. There are no known workarounds for this...

6CVSS0.00528EPSS
Exploits0References3
CVE
CVE
added 2025/02/03 8:29 p.m.89 views

CVE-2025-24961

CVE-2025-24961 affects org.gaul S3Proxy and describes an insecure path traversal in the filesystem and filesystem-nio2 storage backends that could unintentionally expose local files to users. The root cause is a path traversal flaw when using those backends, enabling access to files outside the i...

6CVSS6.3AI score0.00528EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/03 12:0 a.m.6 views

PT-2025-5605 · Org.Gaul · 3Proxy

Name of the Vulnerable Software and Affected Versions: org.gaul S3Proxy versions prior to 2.6.0 Description: The issue affects users of the filesystem and filesystem-nio2 storage backends, potentially exposing local files to authenticated clients. This could lead to unauthorized access to sensiti...

6.9CVSS6.8AI score0.00528EPSS
Exploits0References9
Rows per page
Query Builder