7 matches found
TinyWeb 安全漏洞
TinyWeb is a simple and lightweight HTTP server developed by Konstantin Belyalov. Versions of TinyWeb prior to 2.04 contained security vulnerabilities. These vulnerabilities stemmed from the parser not strictly rejecting dangerous control characters in header lines and header values, which could...
RockyLinux 8 : php:8.2 (RLSA-2025:15687)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:15687 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with...
MiracleLinux 8 : php:8.2 (AXSA:2025-10854:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10854:01 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with...
OESA-2024-2069 netty3 security update
Netty is a NIO client server framework which enables quick and easy development of network applications such as protocol servers and clients. It greatly simplifies and streamlines network programming such as TCP and UDP socket server. Security Fixes: Netty before 4.1.42.Final mishandles whitespac...
python-aiohttp: numerous issues in HTTP parser with header parsing
An HTTP request smuggling vulnerability was found in aiohttp. Numerous issues with HTTP parsing can allow an attacker to smuggle HTTP requests...
aiohttp Security Vulnerabilities
aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python. A security vulnerability exists in aiohttp versions prior to 3.8.6, which stems from a number of problems with the HTTP parser's header parsing that could lead to request smuggling...
Reel Environmental Issues Vulnerability
Reel is an open source "event-based" Web server . An environmental issue vulnerability exists in Reel 0.6.1 and earlier versions, which can be exploited to conduct HTTP request smuggling attacks because the program does not properly parse the Content-Length and Transfer Encoding headers...