CWE-551
9 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-551
- CVE-2021-28164 | MEDIUM | CVSS 5.3 | EG 9.0 | 2021-04-01
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/…
- CVE-2021-28165 | HIGH | CVSS 7.5 | EG 7.5 | 2021-04-01
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
- CVE-2021-31384 | HIGH | CVSS 7.2 | EG 7.2 | 2021-10-19
Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web a…
- CVE-2021-32777 | HIGH | CVSS 8.6 | EG 8.6 | 2021-08-24
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the external authorization service it must merge m…
- CVE-2021-32779 | HIGH | CVSS 8.6 | EG 8.6 | 2021-08-24
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI '#fragment' element as part of the path element. Envoy is configured with…
- CVE-2021-34429 | MEDIUM | CVSS 5.3 | EG 9.0 | 2021-07-15
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the v…
- CVE-2023-23924 | CRITICAL | CVSS 10.0 | EG 10.0 | 2023-02-01
Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing `<image>` tags with uppercase letters. This may lead to arbitrary object unserialize on PHP < 8, through the `phar` URL wrappe…
- CVE-2026-0707 | MEDIUM | CVSS 5.3 | EG 5.3 | 2026-01-08
A flaw was found in Keycloak. The Keycloak Authorization header parser is overly permissive regarding the formatting of the "Bearer" authentication scheme. It accepts non-standard characters (such as tabs) as separators and tolerates case …
- CVE-2026-4636 | HIGH | CVSS 8.1 | EG 8.1 | 2026-04-02
A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Access (UMA) policy validation. This allows the attacker to include resource identifiers owned by other users in a policy creation req…