Lucene search
K

2408 matches found

Patchstack
Patchstack
added 2026/06/16 2:32 p.m.4 views

NPM: hono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`

NPM: hono: Body Limit Middleware can be bypassed on AWS Lambda by understating Content-Length vulnerability discovered by ? in WordPress Npm hono versions 4.12.25...

6.5CVSS5.8AI score0.00103EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/16 2:32 p.m.13 views

hono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`

Summary The Body Limit Middleware trusts the request's Content-Length header to decide whether a body is within the limit. On AWS Lambda API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge the body is delivered fully buffered and the adapter builds the request with the client-declared...

6.5CVSS5.4AI score0.00103EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/16 2:32 p.m.7 views

GHSA-RV63-4MWF-QQC2 hono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`

Summary The Body Limit Middleware trusts the request's Content-Length header to decide whether a body is within the limit. On AWS Lambda API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge the body is delivered fully buffered and the adapter builds the request with the client-declared...

6.5CVSS5.4AI score0.00103EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.19 views

PT-2026-49735

Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.12.25 Description The Body Limit Middleware trusts the Content-Length header to determine if a request body is within the allowed limit. In environments such as AWS Lambda including API Gateway v1/v2, ALB, VPC Lattice,...

6.5CVSS5.8AI score0.00103EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 8:23 p.m.9 views

GHSA-V9PG-7XVM-68HF python-multipart: Negative Content-Length in parse_form buffers the entire body in memory

Summary parseform did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded into memory in a single read instead of in fixed-size chunks. Details...

3.7CVSS5.5AI score0.00217EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/15 8:23 p.m.12 views

python-multipart: Negative Content-Length in parse_form buffers the entire body in memory

Summary parseform did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded into memory in a single read instead of in fixed-size chunks. Details...

3.7CVSS5.5AI score0.00217EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/15 8:23 p.m.15 views

Improper Validation of Specified Quantity in Input

Overview python-multipart is an A streaming multipart parser for Python Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the parseform function when processing a negative Content-Length header. An attacker can cause excessive memory usage b...

6.3CVSS5.4AI score0.00217EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.19 views

PT-2026-49572

Name of the Vulnerable Software and Affected Versions Python-Multipart versions prior to 0.0.31 Description The parse form function fails to validate the Content-Length header before using it to limit the chunked read of the request body. Because the header value is parsed as an integer without a...

3.7CVSS5.8AI score0.00217EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.41 views

Fedora 44 : python-python-multipart (2026-104e079187)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-104e079187 advisory. 0.0.32 2026-06-04 Speed up partial-boundary scanning for CR/LF-dense part data. ---- 0.0.31 2026-06-04 Speed up multipart header parsing and callback dispatc...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/12 3:8 p.m.5 views

GHSA-6PH5-FWW6-VFWV NIOExtras: NIOHTTPRequestDecompressor ratio limit bypass via inflated Content-Length

Impact When NIOHTTPRequestDecompressor is configured with .ratioN, the decompression limit is enforced using the Content-Length header value from the incoming request rather than the actual number of compressed bytes received. Since Content-Length is attacker-controlled, a malicious client can...

6.9CVSS5.5AI score0.01008EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/12 3:8 p.m.13 views

NIOExtras: NIOHTTPRequestDecompressor ratio limit bypass via inflated Content-Length

Impact When NIOHTTPRequestDecompressor is configured with .ratioN, the decompression limit is enforced using the Content-Length header value from the incoming request rather than the actual number of compressed bytes received. Since Content-Length is attacker-controlled, a malicious client can...

7.5CVSS7.4AI score0.01008EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/12 12:26 p.m.8 views

OESA-2026-2667 libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. Security Fixes: A flaw was found in libsoup. The SoupWebsocketConnection may accep...

8.2CVSS6.6AI score0.00821EPSS
Exploits2References5
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/12 12:0 a.m.10 views

NIOExtras: NIOHTTPRequestDecompressor ratio limit bypass via inflated Content-Length

When NIOHTTPRequestDecompressor is configured with .ratioN, the decompression limit is enforced using the Content-Length header value from the incoming request rather than the actual number of compressed bytes received. Since Content-Length is attacker-controlled, a malicious client can supply an...

5.2AI score0.00042EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.18 views

PT-2026-48924

Impact When NIOHTTPRequestDecompressor is configured with .ratioN, the decompression limit is enforced using the Content-Length header value from the incoming request rather than the actual number of compressed bytes received. Since Content-Length is attacker-controlled, a malicious client can...

7.5CVSS7.3AI score0.01008EPSS
Exploits0References3
NVD
NVD
added 2026/06/11 8:16 p.m.12 views

CVE-2026-53781

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS0.00329EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/11 7:11 p.m.31 views

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS0.00329EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/11 7:11 p.m.10 views

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS5.3AI score0.00329EPSS
Exploits0References4
CVE
CVE
added 2026/06/11 7:11 p.m.20 views

CVE-2026-53781

The CVE affects the Summarize utility prior to version 0.17.0. Vulnerable path is the temp-file-based media download, where an unbounded response can be streamed via the download/response path, causing disk and resource exhaustion. Root cause: responses bypass the enforced size limit due to missi...

5.3CVSS5.5AI score0.00329EPSS
Exploits0References4
OSV
OSV
added 2026/06/11 5:16 p.m.6 views

UBUNTU-CVE-2026-44488

Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and response size limits when requests were sent with the fetch adapter. Applications that selected adapter: 'fetch', or ran in environments where axios resolve...

7.5CVSS5.4AI score0.0063EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/11 3:37 p.m.21 views

CVE-2026-44488 Axios: Allocation of Resources Without Limits or Throttling in axios

Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and response size limits when requests were sent with the fetch adapter. Applications that selected adapter: 'fetch', or ran in environments where axios resolve...

7.5CVSS5.5AI score0.0063EPSS
Exploits1References1
Rows per page
Query Builder