Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-30 | CVE-2024-10006 | Improper Encoding or Escaping of Output vulnerability in Hashicorp Consul A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules. | 5.8 |
| 2024-10-25 | CVE-2024-47549 | Improper Encoding or Escaping of Output vulnerability in multiple products Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser. | 6.1 |
| 2024-10-05 | CVE-2024-47845 | Improper Encoding or Escaping of Output vulnerability in Wikimedia Wikimedia-Extensions-Css Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2. | 8.2 |
| 2024-09-30 | CVE-2024-47531 | Improper Encoding or Escaping of Output vulnerability in Clinical-Genomics Scout Scout is a web-based visualizer for VCF-files. | 3.5 |
| 2024-09-26 | CVE-2024-4099 | Improper Encoding or Escaping of Output vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. | 5.3 |
| 2024-09-20 | CVE-2024-45808 | Improper Encoding or Escaping of Output vulnerability in Envoyproxy Envoy Envoy is a cloud-native high-performance edge/middle/service proxy. | 6.5 |
| 2024-09-06 | CVE-2024-45299 | Improper Encoding or Escaping of Output vulnerability in ALF 2.0M42304 alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. | 6.5 |
| 2024-08-29 | CVE-2024-8297 | Improper Encoding or Escaping of Output vulnerability in Kitsada8621 Digital Library Management System 1.0 A vulnerability was found in kitsada8621 Digital Library Management System 1.0. | 7.5 |
| 2024-08-08 | CVE-2024-6329 | Improper Encoding or Escaping of Output vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which causes the web interface to fail to render the diff correctly when the path is encoded. | 7.5 |
| 2024-07-30 | CVE-2023-26289 | Improper Encoding or Escaping of Output vulnerability in IBM Aspera Orchestrator 4.0.1 IBM Aspera Orchestrator 4.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |