Lucene search
K

16 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/14 11:1 p.m.5 views

CVE-2026-39399

NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can supply a crafted nuspec file with malicious metadata, leading to cross package metadata injection that ma...

9.6CVSS6.2AI score0.00527EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/24 8:31 p.m.4 views

CVE-2026-32948

A flaw was found in sbt, a build tool for Scala and Java. On Windows, sbt uses the cmd /c command interpreter to execute version control system VCS commands. A remote attacker can exploit this by providing a specially crafted URI fragment such as a branch, tag, or revision name in the build...

7.8CVSS6AI score0.00304EPSS
Exploits1References7
OSV
OSV
added 2026/03/24 4:4 p.m.5 views

GHSA-X4FF-Q6H8-V7GW sbt: Source dependency feature (via crafted VCS URL) leads to arbitrary code execution on Windows

Summary On Windows, sbt uses Process"cmd", "/c", ... to run VCS commands git, hg, svn. The URI fragment branch, tag, revision is user-controlled via the build definition and passed to these commands without validation. Because cmd /c interprets &, |, and ; as command separators, a malicious...

6.7CVSS6.2AI score0.00304EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19543

Malware in sbrugna...

8.6CVSS8.3AI score0.00948EPSS
Exploits0References7
NVD
NVD
added 2024/06/06 7:15 p.m.37 views

CVE-2024-2928

A Local File Inclusion LFI vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can...

7.5CVSS0.21847EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2024/06/06 6:29 p.m.16 views

CVE-2024-2928 Local File Inclusion (LFI) via URI Fragment Parsing in mlflow/mlflow

A Local File Inclusion LFI vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can...

7.5CVSS6.6AI score0.21847EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2024/03/05 6:19 p.m.4 views

haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

8.2CVSS6AI score0.01526EPSS
Exploits0References4
OSV
OSV
added 2024/03/05 12:0 a.m.36 views

ALSA-2024:1142 Moderate: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: Proxy forwards malformed empty Content-Length headers CVE-2023-40225 haproxy: untrimmed URI fragments may lead to exposure of confidential data on static...

8.2CVSS7.1AI score0.01815EPSS
Exploits1References6
Amazon
Amazon
added 2024/01/22 12:0 a.m.4 views

Medium: haproxy

Issue Overview: HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server. CVE-2023-45539 Affected...

8.2CVSS7.1AI score0.01526EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/08/25 9:37 a.m.3 views

envoyproxy/envoy: HTTP request with a URL fragment in the URI can bypass authorization policies

An authorization bypass vulnerability was found in envoyproxy/envoy. When a URI path-based authorization policy is specified, envoy incorrectly evaluates the HTTP request which contains a URI fragment. This flaw allows an attacker to bypass the authorization policy and access downstream services...

8.6CVSS5.8AI score0.00948EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/25 9:37 a.m.3 views

envoyproxy/envoy: HTTP request with a URL fragment in the URI can bypass authorization policies

An authorization bypass vulnerability was found in envoyproxy/envoy. When a URI path-based authorization policy is specified, envoy incorrectly evaluates the HTTP request which contains a URI fragment. This flaw allows an attacker to bypass the authorization policy and access downstream services...

8.6CVSS5.8AI score0.00948EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2021/08/24 10:15 p.m.47 views

CVE-2021-39156

An authorization bypass vulnerability was found in istio/istio. An HTTP request is incorrectly evaluated when a URI fragment is specified. This flaw allows an attacker to bypass an Istio URI-based authorization rule. The highest threat from this vulnerability is to confidentiality, integrity, as...

8.3CVSS2.4AI score0.0109EPSS
Exploits0References4
CVE
CVE
added 2021/08/24 8:45 p.m.136 views

CVE-2021-32779

CVE-2021-32779 affects Envoy, where a URI with a '#fragment' can be misinterpreted as part of the path. In affected Envoy releases prior to 1.18.0, or 1.18.0+ with path_normalization=false, the fragment may be treated as a path suffix (e.g., /admin#foo) and fail path checks, potentially leaking t...

8.6CVSS8.5AI score0.00948EPSS
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2021/03/31 12:0 a.m.106 views

VMware vRealize Operations Manager SSRF和文件读取漏洞(CVE-2021-21975 CVE-2021-21983)

Description On March 30, 2021, VMware published a security advisory for CVE-2021-21975 and CVE-2021-21983, two chainable vulnerabilities in its vRealize Operations Manager product. CVE-2021-21975 is an unauthenticated server-side request forgery SSRF, while CVE-2021-21983 is an authenticated...

8.5CVSS8.1AI score0.7829EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2016/07/29 12:0 a.m.71 views

Fedora 24 : php-guzzlehttp-guzzle6 (2016-4e7db3d437) (httpoxy)

6.2.1 - 2016-07-18 - Address HTTPPROXY security vulnerability, CVE-2016-5385: https://httpoxy.org/ - Fixing timeout bug with StreamHandler: https://github.com/guzzle/guzzle/pull/1488 - Only read up to Content-Length in PHP StreamHandler to avoid timeouts when a server does not honor Connection:...

8.1CVSS6.8AI score0.50427EPSS
Exploits0References2
Friends Of PHP
Friends Of PHP
added 2016/07/15 5:44 p.m.30 views

HTTP Proxy header vulnerability

Addressing HTTPPROXY security vulnerability, CVE-2016-5385: https://httpoxy.org/. Please update to this version of Guzzle in order to mitigate the vulnerability when sending Guzzle requests inside of a CGI application. - Fixing timeout bug with StreamHandler - Only read up to Content-Length in...

8.1CVSS6.3AI score0.50427EPSS
Exploits0Affected Software1
Rows per page
Query Builder