5 matches found
python-eventlet: Eventlet HTTP request smuggling
A request smuggling flaw was found in the Eventlet PyPI library. The Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability allows attackers to bypass front-end security controls, launch targeted attacks against active si...
SUSE-SU-2025:03202-1 Security update for python-eventlet
This update for python-eventlet fixes the following issues: - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994...
Security update for python-eventlet
This update for python-eventlet fixes the following issues: CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2025:03051-1 Security update for python-eventlet
This update for python-eventlet fixes the following issues: - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994...
CVE-2025-58068
Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability could enable attackers to, bypass front-end security controls, launch targeted...