75 matches found
vCenter Server - Improper Access Control
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed. id: CVE-2021-22017 info: name:...
fast-uri: fast-uri: URI authority bypass due to improper delimiter handling
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier URI that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw...
Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access Digital Credentials
Summary Security vulnerabilities have been addressed in IBM Verify Identity Access Digital Credentials Vulnerability Details CVEID:CVE-2026-45740 DESCRIPTION: protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth...
CVE-2026-6321 fast-uri vulnerable to path traversal via percent-encoded dot segments
fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: raptor2 (UTSA-2026-005274)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005274 advisory. In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath. Tenable has...
CVE-2021-22017
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed...
TencentOS Server 3: raptor2 (TSSA-2025:0041)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0041 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
EUVD-2020-0333
Malware in sbrugna...
EUVD-2016-10056
Malware in sbrugna...
EUVD-2024-53767
Malicious code in bioql PyPI...
EUVD-2024-3613
Malicious code in bioql PyPI...
SUSE-SU-2025:03257-1 Security update for raptor
This update for raptor fixes the following issues: - CVE-2024-57823: Fixed integer underflow when normalizing a URI with the turtle parser bsc1235673. - CVE-2024-57822: Fixed heap buffer overread when parsing triples with the nquads parser bsc1235674...
Security update for raptor
This update for raptor fixes the following issues: CVE-2024-57823: Fixed integer underflow when normalizing a URI with the turtle parser bsc1235673 CVE-2024-57822: Fixed heap buffer overread when parsing triples with the nquads parser bsc1235674 Patch Instructions: To install this SUSE update use...
OESA-2025-1453 raptor2 security update
Raptor is Redland's RDF parser toolkit, which provides a set of independent RDF parsers to generate triples from RDF / XML or N-Triples. Security Fixes: In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in...
WAF Bypass
github.com/corazawaf/coraza is vulnerable to WAF Bypass. The vulnerability is due to improper URI normalization or incorrect parsing of request URIs that start with //, allows an attacker to bypass security rules and potentially evade WAF protections, leading to an incorrect REQUESTFILENAME value...
CVE-2020-5280
http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file inclusion vulnerability. This vulnerability applies to all users of org.http4s.server.staticcontent.FileService, org.http4s.server.staticcontent.ResourceService and org.http4s.server.staticcontent.WebjarService. URI normalizatio...
MGASA-2025-0018 Updated raptor2 packages fix security vulnerability
In the Raptor RDF Syntax Library there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath...
Updated raptor2 packages fix security vulnerability
In the Raptor RDF Syntax Library there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath...
Important: Red Hat Security Advisory: raptor2 security update
An update for raptor2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
Important: Red Hat Security Advisory: raptor2 security update
An update for raptor2 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...