4 matches found
ROOT-APP-NPM-CVE-2026-6321 CVE-2026-6321 in @rootio/fast-uri - Patched by Root
Root has patched CVE-2026-6321 in the @rootio/fast-uri package for Root:npm. Multiple fixed versions available...
CVE-2026-6321 vulnerabilities
Vulnerabilities for packages: vitess, langfuse, prism, saf, argo-workflows, serve, tileserver-gl, opensearch-dashboards...
CVE-2026-6321 vulnerabilities
Vulnerabilities for packages: argo-workflows, serve, keep, arangodb, gitlab-rails-ce-fips, prism, vitess, tileserver-gl-fips, langfuse, opensearch-dashboards-fips, drupal, wazuh-dashboard-fips, langfuse-fips, kibana, opensearch-dashboards, saf, tileserver-gl, wazuh-dashboard, gitlab-rails-ce,...
CVE-2026-6321
fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...