VYPR
Vendor

Lostisland

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2026-54297higJun 19, 2026
    risk 0.38cvss epss 0.00

    # Uncontrolled Recursion in NestedParamsEncoder Allows Stack Exhaustion DoS via Deeply Nested Query Parameters ## Summary `Faraday::NestedParamsEncoder`, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum…

  • CVE-2026-33637NonMay 19, 2026
    risk 0.00cvss 0.0epss 0.00

    Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Versions 2.0.0 through 2.14.1 still allow protocol-relative host override when the request target is passed as a URI object (rather than a String) to…

  • CVE-2026-25765Feb 9, 2026
    risk 0.00cvss epss 0.00

    Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's build_exclusive_url method (in lib/faraday/connection.rb) uses Ruby's URI#merge to combine the connection's base URL with a user-supplied path. Per…

VYPR — Vulnerability Intelligence