239 matches found
MGASA-2026-0130 Updated perl-Gazelle packages fix security vulnerability
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. CVE-2026-40562...
Updated perl-Gazelle packages fix security vulnerability
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. CVE-2026-40562...
CVE-2026-40562
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
EUVD-2026-27825
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
CVE-2026-40562
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
CVE-2026-40562
Gazelle for Perl (versions up to 0.49) is affected by HTTP Request Smuggling due to improper header precedence: Content-Length is prioritized over Transfer-Encoding: chunked when both headers are present, contravening RFC 7230 section 3.3.3. This can enable smuggling of requests via a front-end r...
CVE-2026-40562 Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
CVE-2026-40562
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
CVE-2026-40562 Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
PT-2026-37626
Name of the Vulnerable Software and Affected Versions Gazelle versions prior to 0.50 Description Improper header precedence allows HTTP Request Smuggling. The software incorrectly prioritizes the Content-Length header over Transfer-Encoding: chunked when both are present in an HTTP request,...
Gazelle 环境问题漏洞
Gazelle is a web framework developed by WhatCD’s developers, designed for private BitTorrent trackers. Versions of Gazelle prior to 0.49 contained an environmental vulnerability, caused by improper handling of HTTP header priorities. This vulnerability could allow attackers to inject malicious HT...
EUVD-2025-117384
Malicious code in fashionable-blush-gazelle npm...
EUVD-2025-117494
Malicious code in chemical-yellow-gazelle npm...
MAL-2025-138718 Malicious code in fashionable-blush-gazelle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adfa08507cb42efe388d7f23747871107a7ab80f9f49e1ad6fde93e08d732c09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-136250 Malicious code in poor_gazelle_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc8ace67a22967a12ace24ef0f5de7a73c97593f73b2ea38b22a078a63c6af24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-98460
Malicious code in gloriousgazellez3n npm...
EUVD-2025-103013
Malicious code in possiblegazellez3n npm...
MAL-2025-131009 Malicious code in victorious_gazelle_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 386aef88193c2677b7fbcd8f8c3eb81685ee45174965954a9a8c2ebe6b66a114 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-100100
Malicious code in deliciousgazellez3n npm...
EUVD-2025-102289
Malicious code in shinygazellez3n npm...