Lucene search
K

207 matches found

OSV
OSV
added 2 days ago3 views

CVE-2026-58228 Scheme validation bypass in Phoenix.LiveView.Utils leads to XSS via <.link>

Cross-site scripting vulnerability in phoenixframework phoenixliveview allows an attacker to bypass URL scheme validation and execute JavaScript in a victim's browser session. The Phoenix.LiveView.Utils.validdestination!/2 and Phoenix.LiveView.Utils.validlivenavigationdestination!/2 functions in...

5CVSS6.2AI score0.00382EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2 days ago5 views

CVE-2026-58228 Scheme validation bypass in Phoenix.LiveView.Utils leads to XSS via <.link>

Cross-site scripting vulnerability in phoenixframework phoenixliveview allows an attacker to bypass URL scheme validation and execute JavaScript in a victim's browser session. The Phoenix.LiveView.Utils.validdestination!/2 and Phoenix.LiveView.Utils.validlivenavigationdestination!/2 functions in...

5CVSS6.2AI score0.00382EPSS
Exploits0References4
CVE
CVE
added 2026/06/30 10:8 p.m.13 views

CVE-2026-56233

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy. Authenticated users with build permissions can bypass upload restrictions by appending traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling access to internal admi...

8.7CVSS5.8AI score0.00451EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/30 1:49 a.m.7 views

SUSE CVE-2026-13676

fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode IDN hostnames for HTTP-family URLs. The IDN conversion path calls a helper that does not exist on the global URL constructor, silently leaving the host in its original Unicode form while normalize and equal still return...

7.2CVSS5.8AI score0.00274EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/29 1:22 p.m.7 views

CVE-2026-13676

fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode IDN hostnames for HTTP-family URLs. The IDN conversion path calls a helper that does not exist on the global URL constructor, silently leaving the host in its original Unicode form while normalize and equal still return...

7.5CVSS5.8AI score0.00274EPSS
Exploits0
EUVD
EUVD
added 2026/06/29 1:22 p.m.7 views

EUVD-2026-40093

fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode IDN hostnames for HTTP-family URLs. The IDN conversion path calls a helper that does not exist on the global URL constructor, silently leaving the host in its original Unicode form while normalize and equal still return...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 1:22 p.m.27 views

CVE-2026-13676

The CVE concerns the fast-uri library (versions 2.3.1–3.1.2 and 4.0.0) where the IDN host canonicalization path fails to normalize Unicode hosts for HTTP URLs. A helper used in IDN conversion does not exist on the global URL constructor, leaving the host in Unicode form while normalize() and equa...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/06/22 6:16 p.m.6 views

DEBIAN-CVE-2026-50168

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/platform-server package allows remote attackers to bypass host allowlist constraints an...

8.2CVSS6.1AI score0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 3:39 p.m.35 views

CVE-2026-50168 Angular: URL Parser Differential in @angular/platform-server leading to SSRF Allowlist Bypass

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/platform-server package allows remote attackers to bypass host allowlist constraints an...

8.8CVSS0.00193EPSS
Exploits0References2
CVE
CVE
added 2026/06/22 3:39 p.m.23 views

CVE-2026-50168

CVE-2026-50168 affects Angular's @angular/platform-server and enables SSRF via a parser differential between the strict WHATWG URL parser (used for allowlists) and Domino’s lenient parser (used for server emulation). A malformed URL with a double-port structure (e.g., http://evil.com:80:80/path) ...

8.8CVSS6.1AI score0.00193EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/22 3:39 p.m.3 views

CVE-2026-50168 Angular: URL Parser Differential in @angular/platform-server leading to SSRF Allowlist Bypass

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/platform-server package allows remote attackers to bypass host allowlist constraints an...

8.8CVSS6.1AI score0.00193EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/18 4:16 p.m.7 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS8.3AI score0.00728EPSS
Exploits0References8
Snyk
Snyk
added 2026/06/15 4:39 p.m.9 views

Server-side Request Forgery (SSRF)

Overview @angular/platform-server is an Angular - library for using Angular in Node.js Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via a parser differential between the strict WHATWG URL parser used for allowlist validation and the lenient Domino URL parse...

8.8CVSS6AI score0.00193EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/15 4:39 p.m.31 views

@angular/platform-server: URL Parser Differential leading to SSRF Allowlist Bypass

An issue in the @angular/platform-server package allows remote attackers to bypass host allowlist constraints and direct server-side outgoing requests to arbitrary external endpoints. This occurs due to a parser differential between the strict WHATWG URL parser used for allowlist validation and t...

8.8CVSS5.7AI score0.00193EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/25 2:0 p.m.11 views

CVE-2026-47067

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

8.7CVSS5.8AI score0.00703EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/05/12 6:17 p.m.19 views

CVE-2026-43929

ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser bui...

8.2CVSS0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 5:49 p.m.14 views

CVE-2026-43929

The provided sources describe a concrete SSRF vulnerability in ssrfcheck (CVE-2026-43929) where IPv4 private addresses encoded as IPv4-mapped IPv6 inside URLs bypass the library’s private-IP denial logic. In ssrfcheck v1.3.0 and earlier, the WHATWG URL parser normalizes IPv4-mapped inputs to hex ...

8.2CVSS5.8AI score0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 5:49 p.m.32 views

CVE-2026-43929 ssrfcheck: Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed Inputs

ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser bui...

8.2CVSS0.00226EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/07 9:18 p.m.6 views

CVE-2026-8034

A server-side request forgery SSRF vulnerability was identified in the GitHub Enterprise Server notebook viewer that allowed an attacker to access internal services by exploiting URL parser confusion between the validation layer and the HTTP request library. The hostname validation used a differe...

7.9CVSS5.8AI score0.00377EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/05/07 9:18 p.m.77 views

CVE-2026-8034 Server-side request forgery vulnerability in GitHub Enterprise Server notebook viewer via URL parser confusion

A server-side request forgery SSRF vulnerability was identified in the GitHub Enterprise Server notebook viewer that allowed an attacker to access internal services by exploiting URL parser confusion between the validation layer and the HTTP request library. The hostname validation used a differe...

7.9CVSS0.00377EPSS
Exploits0References5
Rows per page
Query Builder