4 matches found
ROOT-APP-NPM-CVE-2026-6321 CVE-2026-6321 in @rootio/fast-uri - Patched by Root
Root has patched CVE-2026-6321 in the @rootio/fast-uri package for Root:npm. Multiple fixed versions available...
CVE-2026-6321 vulnerabilities
Vulnerabilities for packages: serve, langfuse, vitess, prism, argo-workflows, tileserver-gl, saf, opensearch-dashboards...
CVE-2026-6321 vulnerabilities
Vulnerabilities for packages: vitess, langfuse, serve, drupal, prism, gitlab-rails-ce, kibana, wazuh-dashboard, saf, opensearch-dashboards-fips, langfuse-fips, keep, arangodb, argo-workflows, gitlab-rails-ce-fips, tileserver-gl-fips, opensearch-dashboards, keep-fips, wazuh-dashboard-fips,...
CVE-2026-6321
fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...