CVE-2022-32214

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling HRS...

BMC Track-It! HTTP Module Improper Access Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It!. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prio...

CVE-2022-32215

A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling HRS. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle...

PT-2022-21154 · Node.Js +8 · Node.Js +8

Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 14.20.1 Node.js versions prior to 16.17.1 Node.js versions prior to 18.9.1 Description: The issue arises from the llhttp parser in the http module in Node.js, which does not correctly parse and validate...

[SECURITY] Fedora 34 Update: libxml2-2.9.14-1.fc34

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

[SECURITY] Fedora 36 Update: libxml2-2.9.14-1.fc36

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

BMC Track-It! HTTP Module Improper Access Control Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It!. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior...

Fedora: Security Advisory for python-urllib3 (FEDORA-2021-9c5f3b8aae)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 33 Update: python-urllib3-1.25.8-5.fc33

Python HTTP module with connection pooling and file POST abilities...

[SECURITY] Fedora 34 Update: python-urllib3-1.25.10-5.fc34

Python HTTP module with connection pooling and file POST abilities...

[SECURITY] Fedora 33 Update: libxml2-2.9.12-4.fc33

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: CRLF injection via HTTP request method CVE-2020-26137 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

python-urllib3 security update

An update is available for python-urllib3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-urllib3 package provides the Python HTTP module with...

[SECURITY] Fedora 31 Update: libxml2-2.9.10-4.fc31

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

[SECURITY] Fedora 32 Update: libxml2-2.9.10-7.fc32

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

CVE-2018-7159

It was found that the http module from Node.js could accept incorrect Content-Length values, containing spaces within the value, in HTTP headers. A specially crafted client could use this flaw to possibly confuse the script, causing unspecified behavior...

[SECURITY] Fedora 29 Update: python-urllib3-1.24.3-1.fc29

Python HTTP module with connection pooling and file POST abilities...

Fedora Update for python-urllib3 FEDORA-2019-a6c56f9756

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 28 Update: python-urllib3-1.24.2-1.fc28

Python HTTP module with connection pooling and file POST abilities...

Fedora Update for python-urllib3 FEDORA-2019-8560719e80

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...