mitmproxy binaries embed a vulnerable python-hyper/h2 dependency

mitmproxy 12.1.1 and below embed python-hyper/h2 ≤ v4.2.0, which has a gap in its HTTP/2 header validation. This enables request smuggling attacks when mitmproxy is in a configuration where it translates HTTP/2 to HTTP/1. For example, this affects reverse proxies to http:// backends. It does not...

python-hyper h2 注入漏洞

python-hyper h2 is a Python HTTP/2 protocol implementation of Hyper open source. An injection vulnerability exists in python-hyper h2 versions prior to 4.3.0, which stems from HTTP2 request splitting and could lead to a request smuggling attack...

[SECURITY] Fedora 42 Update: rust-h2-0.4.12-1.fc42

An HTTP/2 client and server...

SUSE-SU-2025:02811-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...

Malicious code in @zalastax/nolb-_hyper_fun_ionicons- (npm)

The package @zalastax/nolb-hyperfunionicons- was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_fa-s (npm)

The package @zalastax/nolb-hyperfunfa-s was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_fa-t (npm)

The package @zalastax/nolb-hyperfunfa-t was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_fluentui-emoji- (npm)

The package @zalastax/nolb-hyperfunfluentui-emoji- was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_fluentui-emoji-m (npm)

The package @zalastax/nolb-hyperfunfluentui-emoji-m was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_fluentui-emoji-mo (npm)

The package @zalastax/nolb-hyperfunfluentui-emoji-mo was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_fluentui-emoji-mr (npm)

The package @zalastax/nolb-hyperfunfluentui-emoji-mr was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_fluentui-emoji-p- (npm)

The package @zalastax/nolb-hyperfunfluentui-emoji-p- was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_fluentui-emoji-y (npm)

The package @zalastax/nolb-hyperfunfluentui-emoji-y was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_ionicons-t (npm)

The package @zalastax/nolb-hyperfunionicons-t was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_ionicons-v (npm)

The package @zalastax/nolb-hyperfunionicons-v was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_material-i (npm)

The package @zalastax/nolb-hyperfunmaterial-i was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_material-ic (npm)

The package @zalastax/nolb-hyperfunmaterial-ic was found to contain malicious code...

Malicious code in test-mlw2-hyper-jotas (npm)

The package test-mlw2-hyper-jotas was found to contain malicious code...

Malicious code in @zalastax/nolb-_hyper_fun_material-ico (npm)

The package @zalastax/nolb-hyperfunmaterial-ico was found to contain malicious code...

MAL-2025-10092 Malicious code in @zalastax/nolb-_hyper_fun_fluentui-emoji-mu (npm)

The package @zalastax/nolb-hyperfunfluentui-emoji-mu was found to contain malicious code...