Lucene search
K

36 matches found

NVD
NVD
added 2026/03/20 10:16 a.m.7 views

CVE-2026-33129

H3 is a minimal HTTP framework. Versions 2.0.1-beta.0 through 2.0.0-rc.8 contain a Timing Side-Channel vulnerability in the requireBasicAuth function due to the use of unsafe string comparison !==. This allows an attacker to deduce the valid password character-by-character by measuring the server...

5.9CVSS0.00319EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/20 9:41 a.m.24 views

CVE-2026-33129 h3 has an observable timing discrepancy in basic auth utils

H3 is a minimal HTTP framework. Versions 2.0.1-beta.0 through 2.0.0-rc.8 contain a Timing Side-Channel vulnerability in the requireBasicAuth function due to the use of unsafe string comparison !==. This allows an attacker to deduce the valid password character-by-character by measuring the server...

5.9CVSS0.00319EPSS
Exploits1References3
OSV
OSV
added 2026/03/20 9:41 a.m.5 views

CVE-2026-33129 h3 has an observable timing discrepancy in basic auth utils

H3 is a minimal HTTP framework. Versions 2.0.1-beta.0 through 2.0.0-rc.8 contain a Timing Side-Channel vulnerability in the requireBasicAuth function due to the use of unsafe string comparison !==. This allows an attacker to deduce the valid password character-by-character by measuring the server...

5.9CVSS5.8AI score0.00319EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/20 9:37 a.m.25 views

CVE-2026-33128 h3 has a Server-Sent Events Injection via Unsanitized Newlines in Event Stream Fields

H3 is a minimal HTTP framework. In versions prior to 1.15.6 and between 2.0.0 through 2.0.1-rc.14, createEventStream is vulnerable to Server-Sent Events SSE injection due to missing newline sanitization in formatEventStreamMessage and formatEventStreamComment. An attacker who controls any part of...

7.5CVSS0.00486EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 9:37 a.m.3 views

CVE-2026-33128

H3 is a minimal HTTP framework. In versions prior to 1.15.6 and between 2.0.0 through 2.0.1-rc.14, createEventStream is vulnerable to Server-Sent Events SSE injection due to missing newline sanitization in formatEventStreamMessage and formatEventStreamComment. An attacker who controls any part of...

7.5CVSS5.9AI score0.00486EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.14 views

H3 安全漏洞

H3 is an open-source HTTP framework developed by H3. Versions 2.0.0-0 to 2.0.1-rc.14 of H3 contain security vulnerabilities. These vulnerabilities stem from a Host header spoofing issue in NodeRequestUrl, which may allow middleware to bypass security checks...

9.1CVSS5.8AI score0.00388EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

H3 安全漏洞

H3 is an open-source HTTP framework developed by H3. Versions of H3 from 2.0.1-beta.0 to 2.0.0-rc.8 contain security vulnerabilities. These vulnerabilities stem from the use of insecure string comparisons in the requireBasicAuth function, which may lead to timing side-channel attacks...

5.9CVSS5.8AI score0.00319EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/18 4:18 p.m.4 views

Directory Traversal

Overview org.webjars.npm:h3 is a Minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to Directory Traversal via the serveStatic function. An attacker can access arbitrary files outside the intended static directory by sending crafted...

8.2CVSS6.5AI score
Exploits0References2
OSV
OSV
added 2026/03/18 4:18 p.m.3 views

GHSA-WR4H-V87W-P3R7 h3 has a Path Traversal via Percent-Encoded Dot Segments in serveStatic Allows Arbitrary File Read

Summary serveStatic in h3 is vulnerable to path traversal via percent-encoded dot segments %2e%2e, allowing an unauthenticated attacker to read arbitrary files outside the intended static directory on Node.js deployments. Details The vulnerability exists in src/utils/static.ts at line 86:...

5.9CVSS6.1AI score
Exploits0References4
Snyk
Snyk
added 2026/03/18 4:18 p.m.9 views

Directory Traversal

Overview h3 is a Minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to Directory Traversal via the serveStatic function. An attacker can access arbitrary files outside the intended static directory by sending crafted HTTP requests...

8.2CVSS6.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/18 4:18 p.m.3 views

User Impersonation

Overview h3 is a Minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to User Impersonation via manipulation of the Host header in HTTP requests, which allows untrusted input to influence the construction of the event.url object. An...

9.1CVSS5.7AI score0.00388EPSS
Exploits1References2
OSV
OSV
added 2026/03/18 4:18 p.m.3 views

GHSA-3VJ8-JMXQ-CGJ5 h3 has a middleware bypass with one gadget

H3 NodeRequestUrl bugs Vulnerable pieces of code : js import H3, serve, defineHandler, getQuery, getHeaders, readBody, defineNodeHandler from "h3"; let app = new H3 const internalOnly = defineHandlerevent, next = const token = event.headers.get"x-internal-key"; if token !==...

7.4CVSS5.9AI score0.00388EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/15 7:24 p.m.25 views

CVE-2026-23527 h3 v1 has Request Smuggling (TE.TE) issue

H3 is a minimal HTTP framework built for high performance and portability. Prior to 1.15.5, there is a critical HTTP Request Smuggling vulnerability. readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this heade...

8.9CVSS0.00576EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/15 7:24 p.m.3 views

EUVD-2026-2737

H3 is a minimal HTTP framework built for high performance and portability. Prior to 1.15.5, there is a critical HTTP Request Smuggling vulnerability. readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this heade...

8.9CVSS6.3AI score0.00576EPSS
Exploits1References4
CVE
CVE
added 2026/01/15 7:24 p.m.60 views

CVE-2026-23527

CVE-2026-23527 affects the h3 HTTP framework (pre-1.15.5). The vulnerability is in readRawBody, which performs a strict case-sensitive check for the Transfer-Encoding header and looks for the literal value “chunked.” Because RFC requires case-insensitive handling, an attacker can craft a request ...

9.8CVSS6.4AI score0.00576EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.15 views

PT-2026-3098

Name of the Vulnerable Software and Affected Versions H3 versions prior to 1.15.5 Description H3 is a minimal HTTP framework designed for high performance and portability. A critical HTTP Request Smuggling issue exists due to a case-sensitive check for the 'Transfer-Encoding' header within the...

8.9CVSS6.7AI score0.00576EPSS
Exploits1References12
Rows per page
Query Builder