aiohttp 环境问题漏洞

aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs. An environment issue vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from the presence of non-ASCII decimal numbers allowed in the Range header, which could lead to a...

aiohttp 环境问题漏洞

aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs open source. An environment issue vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from the presence of non-ASCII characters that could allow a request entrapment attac...

Quest Coexistence Manager for Notes 安全漏洞

Quest Coexistence Manager for Notes is a data synchronization software from Quest USA. A security vulnerability exists in Quest Coexistence Manager for Notes, which stems from an inconsistent HTTP request/response interpretation that could lead to an HTTP request entrapment attack...

libsoup 环境问题漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. An environment issue vulnerability exists in libsoup that stems from improper handling of HTTP headers, which could lead to request entrapment attacks, cache poisoning, or bypassing host-based access control...

Akamai Ghost 安全漏洞

Akamai Ghost is an HTTP service program from Akamai Corporation, USA. A security vulnerability exists in versions of Akamai Ghost prior to 2025-11-17, which stems from an error in the handling of chunked request bodies that could lead to HTTP request entrapment...

Netty 环境问题漏洞

Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. An environment issue vulnerability exists in Netty versions 4.1.124.Final and 4.2.0.Alpha3 through 4.2.4.Final, which stems fr...

Akamai Ghost 环境问题漏洞

Akamai Ghost is an HTTP service program from Akamai Corporation. An environmental issue vulnerability exists in versions of Akamai Ghost prior to 2025-03-26, which stems from inconsistent parsing of HTTP requests and could lead to a request entrapment attack...

Webrick 环境问题漏洞

Webrick is an HTTP server toolkit open-sourced by The Ruby Programming Language. Webrick suffers from an environment issue vulnerability that stems from inconsistent parsing of HTTP header terminators by the readheaders method, which could lead to an HTTP request entrapment attack...

Node.js 安全漏洞

Node.js is an open source, cross-platform JavaScript runtime environment from the Node.js open source. A security vulnerability exists in Node.js version 20.x that stems from the HTTP parser improperly terminating the HTTP/1 header, which could lead to a request entrapment attack...

h11 环境问题漏洞

h11 is a small HTTP/1.1 library written from scratch in Python by the individual developer Nathaniel J. Smith. An environment issue vulnerability exists in versions of h11 prior to 0.16.0, which stems from improper parsing of line terminators and could lead to a request entrapment attack...

OpenResty lua-nginx-module 安全漏洞

OpenResty lua-nginx-module is an OpenResty USA open source component for integrating the Lua scripting language into Nginx servers. A security vulnerability exists in OpenResty lua-nginx-module v0.10.26 and earlier versions, which stems from a specially crafted HEAD request that results in an...

Unspecified Vulnerability in JetBrains Ktor

JetBrains Ktor is a web framework for building asynchronous servers and clients in Kotlin from the Czech company JetBrains. Used to create microservices, Web applications , etc., build RESTful API. JetBrains Ktor suffers from a security vulnerability that stems from the occurrence of an HTTP...

Gunicorn 环境问题漏洞

Gunicorn is a Python web server gateway interface HTTP server from the Gunicorn open source. An environment issue vulnerability exists in Gunicorn version 21.2.0 that stems from improper validation of the Transfer-Encoding header, which could lead to a request entrapment attack...

JetBrains Ktor 环境问题漏洞

JetBrains Ktor is a web framework for building asynchronous servers and clients in Kotlin from the Czech company JetBrains. Used to create microservices, Web applications , etc., build RESTful API. JetBrains Ktor suffers from a security vulnerability that stems from the occurrence of an HTTP...

HAProxy 安全漏洞

Haproxy HAProxy is an open source TCP/HTTP load balancing server from the French company Haproxy. The server provides 4-layer and 7-layer proxies and can support tens of thousands of levels of connections with high efficiency and stability. A security vulnerability exists in HAProxy versions prio...

JetBrains Ktor Environment Issue Vulnerability (CNVD-2021-10498)

JetBrains Ktor framework is a Web application framework from the Czech company JetBrains. A security vulnerability exists in JetBrains Ktor versions prior to 1.4.1, which stems from HTTP request entrapment attacks are possible. No detailed vulnerability details are provided at this time...

Apache Traffic Server Environment Issue Vulnerability (CNVD-2020-21910)

Apache Traffic Server ATS is the United States Apache Apache Software Foundation's set of scalable HTTP proxy and caching server. An environmental issue vulnerability exists in Apache ATS versions 6.0.0 through 6.2.3, 7.0.0 through 7.1.8, and 8.0.0 through 8.0.5, which stems from incorrect input...