17 matches found

NVD
added 2026/05/13 7:17 p.m., 7 views

CVE-2026-42578

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage method creates headers using...

7.5 CVSS, 0.0001 EPSS
Exploits: 1, References: 1

OSV
added 2026/05/13 7:17 p.m., 3 views

UBUNTU-CVE-2026-42578

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage method creates headers using...

7.5 CVSS, 6 AI score, 0.0001 EPSS
Exploits: 1, References: 3

Debian CVE
added 2026/05/13 5:57 p.m., 5 views

CVE-2026-42578

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage method creates headers using...

7.5 CVSS, 5.9 AI score, 0.0001 EPSS
Exploits: 1

Github Security Blog
added 2026/05/07 12:11 a.m., 9 views

Netty has HTTP Header Injection via HttpProxyHandler Disabled Validation (Incomplete Fix CVE-2025-67735)

Security Vulnerability Report: HTTP Header Injection via HttpProxyHandler Disabled Validation in Netty 1. Vulnerability Summary | Field | Value | |-------|-------| | Product | Netty | | Version | 4.2.12.Final and all prior versions | | Component | io.netty.handler.proxy.HttpProxyHandler | |...

7.5 CVSS, 7 AI score, 0.00024 EPSS
Exploits: 2, References: 4, Affected Software: 1

OSV
added 2026/03/11 11:16 a.m., 1 views

CVE-2026-3784

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

6.5 CVSS, 5.8 AI score, 0.00025 EPSS
Exploits: 1, References: 4

OSV
added 2025/12/06 11:38 a.m., 2 views

BIT-ENVOY-2025-64763 Envoy forwards early CONNECT data in TCP proxy mode

Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, when Envoy is configured in TCP proxy mode to handle CONNECT requests, it accepts client data before issuing a 2xx response and forwards that data to the upstream TCP connection. If a forwardi...

5.3 CVSS, 6.7 AI score, 0.00002 EPSS
Exploits: 0, References: 2

CNNVD
added 2025/12/03 12:00 a.m., 1 views

Envoy Security Vulnerability

Envoy is an Enphase open source gateway program for connecting smart home devices. A security vulnerability exists in Envoy versions 1.33.12, 1.34.10, 1.35.6, 1.36.2, and prior versions, which stems from a state desynchronization issue when processing CONNECT requests in TCP proxy mode...

5.3 CVSS, 6.5 AI score, 0.00002 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/11/04 3:19 a.m., 9 views

CVE-2025-47370 Reachable Assertion in BT Controller

Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan...

6.5 CVSS, 0.00009 EPSS
Exploits: 0, References: 1

OSV
added 2025/05/05 9:04 p.m., 0 views

SUSE-SU-2025:1465-1 Security update for apache2-mod_auth_openidc

This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2025-31492: Fixed a bug where OIDCProviderAuthRequestMethod POSTs can leak protected data. (bsc#1240893)...

8.2 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits: 0, References: 3

RedHat Linux
added 2023/07/18 8:33 a.m., 2 views

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of the logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack, in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could...

8.8 CVSS, 6.8 AI score, 0.00421 EPSS
Exploits: 0, References: 5

Veracode
added 2019/11/05 7:28 a.m., 15 views

Information Disclosure

play-ws is vulnerable to information disclosure. The vulnerability exists through a regression caused by async-http-client that causes HTTP CONNECT requests set to an outbound HTTPS requests when using an authenticated proxy server...

7.5 CVSS, 0.4 AI score, 0.0015 EPSS
Exploits: 0, References: 5, Affected Software: 1

Check Point Advisories
added 2010/09/01 12:00 a.m., 0 views

Borland InterBase Database Message Handling Buffer Overflow

InterBase is a SQL-92 compliant relational database management system developed by Borland Software Corporation. It supports standard interfaces such as JDBC, ODBC, and ADO.NET. The InterBase database system runs on Linux, Microsoft Windows, and Solaris operating systems. There exists a buffer...

8.4 AI score
Exploits: 0

OpenVAS
added 2009/03/16 12:00 a.m., 26 views

CCProxy CONNECTION Request Buffer Overflow Vulnerability

This host is running CCProxy and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbccproxyconnectionreqbofvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ CCProxy CONNECTION Request Buffer Overflow Vulnerability. Authors: Nikita MR Copyright: Copyright c 2009 Greenbone...

10 CVSS, 0.7 AI score, 0.06389 EPSS
Exploits: 0, References: 2

Gentoo Linux
added 2007/07/01 12:00 a.m., 31 views

Firebird: Buffer overflow

Background: Firebird is an open source relational database that runs on Linux, Windows, and various UNIX systems. Description: Cody Pierce from TippingPoint DVLabs has discovered a buffer overflow when processing "connect" requests with an overly large "pcnctcount" value. Impact: An unauthenticated...

10 CVSS, 7.5 AI score, 0.29676 EPSS
Exploits: 1

Tenable Nessus
added 2005/02/20 12:00 a.m., 752 views

HTTP Proxy CONNECT Loop DoS

The proxy allows users to perform repeated CONNECT requests to itself. This allows anybody to saturate the proxy's CPU, memory or file descriptors. Note that if the proxy limits the number of connections from a single IP (e.g. acl maxconn with Squid), it is protected against saturation and you may...

5.5 AI score
Exploits: 0

CVE
added 2005/02/10 5:00 a.m., 39 views

CVE-2005-0316

WebWasher Classic 2.2.1 and 3.3 (server mode) are affected by CVE-2005-0316: the product fails to drop CONNECT requests to localhost from external hosts, enabling remote bypass of access restrictions. Affected component is WebWasher Server mode proxy handling CONNECT to 127.0.0.1. Impact is descr...

7.5 CVSS, 6.7 AI score, 0.13907 EPSS
Exploits: 1, References: 6, Affected Software: 1

CERT
added 2001/08/27 12:00 a.m., 25 views

Cayman gateways are vulnerable to a denial of service via a portscan

Overview: Cayman gateways are vulnerable to a denial of service. An attacker can send a number of TCP connect requests or SYN packets, in conjunction with a "Bouncing" vulnerability, and can cause a denial of service to the gateway. Description: The gateway will crash after receiving a number of TC...

5 CVSS, 6.3 AI score, 0.0264 EPSS
Exploits: 1, References: 1