Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more.
CVSS Information
N/A
Vulnerability Type
URL编码处理不恰当(Hex编码)
Vulnerability Title
curl 代码问题漏洞
Vulnerability Description
curl是一款用于从服务器传输数据或向服务器传输数据的工具。 curl 存在代码问题漏洞,该漏洞源于 URL 解析器在解码 URL 的主机名部分时错误地接受百分比编码的 URL 分隔符。
CVSS Information
N/A
Vulnerability Type
N/A