CVE-2026-1002
- EPSS 0.04%
- Veröffentlicht 15.01.2026 20:50:25
- Zuletzt bearbeitet 30.01.2026 19:41:43
The Vert.x Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URI. The issue comes from an improper implementation of the C. rule of section 5.2.4 of RFC...
CVE-2023-24815
- EPSS 0.23%
- Veröffentlicht 09.02.2023 18:15:10
- Zuletzt bearbeitet 21.11.2024 07:48:27
Vert.x-Web is a set of building blocks for building web applications in the java programming language. When running vertx web applications that serve files using `StaticHandler` on Windows Operating Systems and Windows File Systems, if the mount poin...
CVE-2020-35217
- EPSS 0.15%
- Veröffentlicht 20.01.2021 13:15:12
- Zuletzt bearbeitet 21.11.2024 05:27:02
Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token in the cookie against a CSRF token that is stored i...