CVE-2018-3718

MEDIUM Year: 2018
CVSS v3 Score
5.3
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-177
View all →

Vulnerability Description

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded.

Related Vulnerabilities

CVE-2022-27780

MEDIUM
CVSS:5.3(Medium)

The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.Fo...

CWE-1772022

CVE-2022-3854

MEDIUM
CVSS:6.5(Medium)

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

CWE-1772022

CVE-2022-3854

MEDIUM
CVSS:6.5(Medium)

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

CWE-1772022

CVE-2022-27780

MEDIUM
CVSS:5.3(Medium)

The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.Fo...

CWE-1772022

CVE-2024-48866

LOW

An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to ru...

CWE-1772024