4 matches found
ROOT-APP-NPM-CVE-2026-6321 CVE-2026-6321 in @rootio/fast-uri - Patched by Root
Root has patched CVE-2026-6321 in the @rootio/fast-uri package for Root:npm. Multiple fixed versions available...
CVE-2026-6321 vulnerabilities
Vulnerabilities for packages: tileserver-gl, prism, argo-workflows, serve, opensearch-dashboards, saf, vitess, langfuse...
CVE-2026-6321 vulnerabilities
Vulnerabilities for packages: keep-fips, serve, argo-workflows, tileserver-gl-fips, opensearch-dashboards-fips, gitlab-rails-ce-fips, arangodb, wazuh-dashboard, prism, tileserver-gl, opensearch-dashboards, saf, gitlab-rails-ce, kibana, drupal, wazuh-dashboard-fips, vitess, langfuse, langfuse-fips...
CVE-2026-6321
fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...