EUVD-2020-0109

Malware in sbrugna...

Unity Linux 20.1070e Security Update: rubygem-webrick (UTSA-2025-673493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-673493 advisory. An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a...

EUVD-2025-6969

Malicious code in bioql PyPI...

EUVD-2024-1316

Malicious code in bioql PyPI...

EUVD-2023-2224

Malicious code in bioql PyPI...

EUVD-2025-29042

Malicious code in bioql PyPI...

EUVD-2018-8862

Malicious code in bioql PyPI...

EUVD-2024-0323

Malicious code in bioql PyPI...

EUVD-2022-24990

Malicious code in bioql PyPI...

EUVD-2025-21055

Malicious code in bioql PyPI...

CVE-2025-59139

Hono is a Web application framework that provides support for any JavaScript runtime. In versions prior to 4.9.7, a flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. The middleware previously prioritized the...

GHSA-92VJ-G62V-JQHH Hono has Body Limit Middleware Bypass

Summary A flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. Details The middleware previously prioritized the Content-Length header even when a Transfer-Encoding: chunked header was also included. According to...

Hono has Body Limit Middleware Bypass

Summary A flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. Details The middleware previously prioritized the Content-Length header even when a Transfer-Encoding: chunked header was also included. According to...

CVE-2025-59139

Hono is a Web application framework that provides support for any JavaScript runtime. In versions prior to 4.9.7, a flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. The middleware previously prioritized the...

HTTP Request Smuggling

Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to HTTP Request Smuggling via the bodyLimit middleware when conflicting HTTP headers are present. An attacker can cause excessive memory or CPU consumption by sending oversized request bodie...

CVE-2025-59139 Hono has Body Limit Middleware Bypass

Hono is a Web application framework that provides support for any JavaScript runtime. In versions prior to 4.9.7, a flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. The middleware previously prioritized the...

CVE-2025-59139

CVE-2025-59139 affects the Hono web framework (pre-4.9.7). A flaw in the bodyLimit middleware allowed bypassing the configured request body size limit when conflicting headers were present, because Content-Length could be prioritized over Transfer-Encoding: chunked. The HTTP spec requires Transfe...

CVE-2025-59139 Hono has Body Limit Middleware Bypass

Hono is a Web application framework that provides support for any JavaScript runtime. In versions prior to 4.9.7, a flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. The middleware previously prioritized the...

CVE-2025-59139 Hono has Body Limit Middleware Bypass

Hono is a Web application framework that provides support for any JavaScript runtime. In versions prior to 4.9.7, a flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. The middleware previously prioritized the...

PT-2025-37316

Name of the Vulnerable Software and Affected Versions: Hono versions prior to 4.9.7 Description: Hono is a Web application framework that provides support for any JavaScript runtime. A flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting...