CVE-2026-49753 HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Length parser, Mint.HTTP1.Parse.contentlengthheader/1 in...

CVE-2026-49753

Summary of the vulnerability : CVE-2026-49753 affects the Elixir Mint HTTP/1 client. The root cause is a lenient Content-Length parser in Mint.HTTP1.Parse.content_length_header/1, which accepts a leading + sign (e.g., +0, +123) despite RFC 7230 requiring unsigned digits only. When the same Mint c...

CVE-2026-49753 HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Length parser, Mint.HTTP1.Parse.contentlengthheader/1 in...

Astra Linux - уязвимость в apache2

An HTTP response smuggling vulnerability exists in the Apache HTTP Server via modproxyuwsgi. This issue affects the Apache HTTP Server version 2.4.30 through 2.4.55. Special characters in the origin response header can cause the response forwarded to the client to be truncated or split...

CVE-2026-24880

A flaw was found in Apache Tomcat. A remote attacker could exploit an inconsistent interpretation of HTTP requests, known as HTTP Request/Response Smuggling, by sending a specially crafted request with an invalid chunk extension. This vulnerability allows an attacker to manipulate the way HTTP...

Numeric Truncation Error

Overview Affected versions of this package are vulnerable to Numeric Truncation Error in the chunk size parsing process when handling HTTP requests with Transfer-Encoding set to chunked. An attacker can cause HTTP request or response smuggling by sending a chunk size value that parses to 2^64 or...

EUVD-2025-180210

File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency...

Lighttpd 1.4.80 HTTP Request/Response Smuggling Vulnerability

Lighttpd is prone to an HTTP request/response smuggling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

EUVD-2006-2783

Malware in sbrugna...

EUVD-2020-0447

Malware in sbrugna...

EUVD-2025-5808

Malicious code in bioql PyPI...

EUVD-2024-39560

Malicious code in bioql PyPI...

TencentOS Server 3: httpd:2.4 (TSSA-2023:0215)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0215 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0145: httpd:2.4 (ALINUX3-SA-2023:0145)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0145 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-27522: HTTP Response Smuggling vulnerabili...

CVE-2025-1867

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...

CVE-2025-1867 HTTP Response Smuggling Vulnerability in libhv

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...

CVE-2025-1867 HTTP Response Smuggling Vulnerability in libhv

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

BIT-HAPROXY-2024-53008

Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...

CVE-2024-53008

Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...