Lucene search
K

20 matches found

Nuclei
Nuclei
added yesterday63 views

Solara <1.35.1 - Local File Inclusion

A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. ...

8.6CVSS7.1AI score0.02884EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/26 12:43 a.m.3 views

haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

8.2CVSS6AI score0.01526EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/11/26 12:43 a.m.27 views

Moderate: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...

8.2CVSS6.7AI score0.01526EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/26 12:37 a.m.2 views

haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

8.2CVSS6AI score0.01526EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/11/26 12:37 a.m.22 views

Moderate: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.2CVSS6.7AI score0.01526EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/19 12:50 a.m.22 views

Moderate: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.2CVSS6.7AI score0.01526EPSS
Exploits0References2
OSV
OSV
added 2024/11/08 3:56 p.m.10 views

RLSA-2024:8849 Moderate: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539 For more details about the security issues, including th...

8.2CVSS6.8AI score0.01526EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2024/11/08 3:56 p.m.26 views

haproxy security update

An update is available for haproxy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The haproxy packages provide a reliable, high-performance network load balanc...

8.2CVSS6.8AI score0.01526EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/11/05 3:56 a.m.25 views

Moderate: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.2CVSS6.7AI score0.01526EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/05 1:26 a.m.35 views

Moderate: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

8.2CVSS6.7AI score0.01526EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/05 1:26 a.m.44 views

haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

8.2CVSS6AI score0.01526EPSS
Exploits0References4
OSV
OSV
added 2024/11/05 12:0 a.m.15 views

ALSA-2024:8849 Moderate: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539 For more details about the security issues, including th...

8.2CVSS6.7AI score0.01526EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2024/11/05 12:0 a.m.16 views

Moderate: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539 For more details about the security issues, including th...

8.2CVSS6.8AI score0.01526EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/07/31 12:44 a.m.3 views

haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

8.2CVSS6AI score0.01526EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/12 2:28 p.m.16 views

CVE-2024-39903 Local File Inclusion in Solara

Solara is a pure Python, React-style framework for scaling Jupyter and web apps. A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI...

8.6CVSS6.6AI score0.02884EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/06/06 9:30 p.m.32 views

Local File Inclusion in mlflow

A Local File Inclusion LFI vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can...

7.5CVSS7.5AI score0.21847EPSS
Exploits2References5Affected Software1
PyPA
PyPA
added 2024/06/06 7:15 p.m.7 views

PYSEC-2024-242

A Local File Inclusion LFI vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can...

7.5CVSS6.5AI score0.21847EPSS
Exploits2References6Affected Software1
RedHat Linux
RedHat Linux
added 2024/03/05 8:20 a.m.38 views

Moderate: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.2CVSS6.7AI score0.01815EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2024/03/05 12:0 a.m.87 views

Moderate: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: Proxy forwards malformed empty Content-Length headers CVE-2023-40225 haproxy: untrimmed URI fragments may lead to exposure of confidential data on static...

8.2CVSS7.3AI score0.01815EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.5 views

SUSE CVE-2021-32779

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI 'fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with...

8.6CVSS8.5AI score0.00948EPSS
Exploits0References3
Rows per page
Query Builder