4 matches found
ROOT-APP-NPM-CVE-2026-6321 CVE-2026-6321 in @rootio/fast-uri - Patched by Root
Root has patched CVE-2026-6321 in the @rootio/fast-uri package for Root:npm. Multiple fixed versions available...
CVE-2026-6321 vulnerabilities
Vulnerabilities for packages: argo-workflows, langfuse, vitess, tileserver-gl, serve, opensearch-dashboards, saf, prism...
CVE-2026-6321 vulnerabilities
Vulnerabilities for packages: argo-workflows, serve, wazuh-dashboard-fips, wazuh-dashboard, tileserver-gl-fips, gitlab-rails-ce-fips, vitess, drupal, keep, kibana, tileserver-gl, opensearch-dashboards-fips, prism, langfuse, opensearch-dashboards, langfuse-fips, keep-fips, gitlab-rails-ce, arangod...
CVE-2026-6321
fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...