{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/web-framework/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["denial-of-service","web-framework","rust"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eSalvo is a Rust-based web framework. Prior to version 0.89.3, the \u003ccode\u003eform_data()\u003c/code\u003e method and \u003ccode\u003eExtractible\u003c/code\u003e macro within Salvo do not properly enforce payload size limits when parsing form data. This lack of input validation allows a remote, unauthenticated attacker to send arbitrarily large HTTP request bodies to a vulnerable server. By exploiting this vulnerability, an attacker can exhaust the server\u0026rsquo;s memory resources, leading to an Out-of-Memory (OOM) condition. This results in service crashes…\u003c/p\u003e\n","date_modified":"2026-03-25T12:00:00Z","date_published":"2026-03-25T12:00:00Z","id":"/briefs/2026-03-salvo-dos/","summary":"The Salvo web framework before version 0.89.3 is vulnerable to denial of service due to unbounded memory allocation when parsing form data, enabling attackers to crash services by sending large payloads.","title":"Salvo Web Framework Denial of Service Vulnerability (CVE-2026-33241)","url":"https://feed.craftedsignal.io/briefs/2026-03-salvo-dos/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["path-traversal","access-control-bypass","web-framework"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eSalvo, a Rust web framework, is vulnerable to a path traversal and access control bypass in versions 0.39.0 through 0.89.2. This vulnerability, identified as CVE-2026-33242, resides within the \u003ccode\u003esalvo-proxy\u003c/code\u003e component. The flaw allows unauthenticated, remote attackers to circumvent proxy routing restrictions and gain access to backend resources that should be protected. The root cause is the \u003ccode\u003eencode_url_path\u003c/code\u003e function\u0026rsquo;s failure to properly sanitize \u0026ldquo;../\u0026rdquo; sequences within URLs. This leads to the sequences being passed directly to the upstream server without re-encoding, thus bypassing intended access controls. Organizations using affected versions of Salvo are vulnerable until they upgrade to version 0.89.3, which contains the necessary patch.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies a Salvo web server running a vulnerable version (0.39.0 - 0.89.2).\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting a proxied endpoint.\u003c/li\u003e\n\u003cli\u003eThe crafted request includes a URL containing \u0026ldquo;../\u0026rdquo; sequences to traverse directories outside the intended proxy path.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eencode_url_path\u003c/code\u003e function fails to properly normalize or re-encode the \u0026ldquo;../\u0026rdquo; sequence.\u003c/li\u003e\n\u003cli\u003eThe unsanitized URL is forwarded to the upstream server behind the proxy.\u003c/li\u003e\n\u003cli\u003eThe upstream server processes the request, granting access to unintended files or endpoints due to the path traversal.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to sensitive information, protected functionalities, or administrative interfaces.\u003c/li\u003e\n\u003cli\u003eThe attacker may further exploit the compromised resource to escalate privileges or compromise the entire system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows unauthenticated attackers to bypass intended access controls and access sensitive backend resources. The CVSS v3.1 score is 7.5. This could lead to exposure of confidential data, unauthorized modification of system settings, or complete system compromise, depending on the nature of the accessible resources. The number of affected deployments is currently unknown but depends on the adoption rate of the Salvo framework.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Salvo to version 0.89.3 or later to patch CVE-2026-33242.\u003c/li\u003e\n\u003cli\u003eImplement web application firewall (WAF) rules to detect and block requests containing \u0026ldquo;../\u0026rdquo; sequences in the URL, mitigating potential path traversal attempts.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rules provided below to your SIEM to detect exploitation attempts targeting this vulnerability.\u003c/li\u003e\n\u003cli\u003eReview and harden proxy configurations to ensure proper input validation and sanitization of URLs.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-24T00:16:29Z","date_published":"2026-03-24T00:16:29Z","id":"/briefs/2024-01-salvo-path-traversal/","summary":"Salvo web framework versions 0.39.0 through 0.89.2 are vulnerable to Path Traversal and Access Control Bypass, allowing unauthenticated external attackers to bypass proxy routing constraints and access unintended backend paths.","title":"Salvo Web Framework Path Traversal Vulnerability","url":"https://feed.craftedsignal.io/briefs/2024-01-salvo-path-traversal/"}],"language":"en","title":"CraftedSignal Threat Feed — Web-Framework","version":"https://jsonfeed.org/version/1.1"}