Lucene search
K

6 matches found

OSV
OSV
added 2026/05/06 12:36 p.m.4 views

CVE-2026-40562 Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence

Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...

7.5CVSS6AI score0.00319EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/12/20 8:14 p.m.12 views

CVE-2025-12874

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Quest Coexistence Manager for Notes Free/Busy Connector modules allows HTTP Request Smuggling via the Content-Length-Transfer-Encoding CL.TE attack vector. This could allow an attacker to bypass access...

6.3CVSS6.9AI score0.00392EPSS
Exploits0References1
NVD
NVD
added 2025/12/19 8:15 p.m.5 views

CVE-2025-12874

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Quest Coexistence Manager for Notes Free/Busy Connector modules allows HTTP Request Smuggling via the Content-Length-Transfer-Encoding CL.TE attack vector. This could allow an attacker to bypass access...

6.3CVSS0.00392EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/19 7:36 p.m.29 views

CVE-2025-12874 HTTP Request Smuggling in Quest Coexistence Manager for Notes

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Quest Coexistence Manager for Notes Free/Busy Connector modules allows HTTP Request Smuggling via the Content-Length-Transfer-Encoding CL.TE attack vector. This could allow an attacker to bypass access...

6.3CVSS0.00392EPSS
Exploits0References2
CVE
CVE
added 2025/12/19 7:36 p.m.18 views

CVE-2025-12874

Quest Coexistence Manager for Notes (Free/Busy Connector modules) contains a HTTP Request/Response Smuggling flaw via Content-Length-Transfer-Encoding (CL.TE). The CVE entry notes the issue affects version 3.8.2045 and may affect other versions; impact includes bypassing access controls, web-cach...

6.3CVSS6.5AI score0.00392EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:12 p.m.6 views

CVE-2020-7670

agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct...

7.5CVSS6.7AI score0.0117EPSS
Exploits0References1
Rows per page
Query Builder