Lucene search
+L

6 matches found

redhat
redhat
added 2026/07/02 3:43 p.m.3 views

No title provided

ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling. NOTE: the Supplier reports that "The project README states that it is suitable for testing and development, and that its developers do not encourage its use to serve...

6.1AI score0.00352EPSS
Exploits0References2
cvelist
cvelist
added 2026/03/26 1:46 p.m.28 views

CVE-2026-33397 Angular SSR Vulnerable to Protocol-Relative URL Injection via Single Backslash Bypass

The Angular SSR is a server-rise rendering tool for Angular applications. Versions on the 22.x branch prior to 22.0.0-next.2, the 21.x branch prior to 21.2.3, and the 20.x branch prior to 20.3.21 have an Open Redirect vulnerability in @angular/ssr due to an incomplete fix for CVE-2026-27738. Whil...

6.9CVSS0.00255EPSS
Exploits0References3
openvas
openvas
added 2025/08/22 12:0 a.m.3 views

Ubuntu: Security Advisory (USN-7709-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.00422EPSS
Exploits0References2
ubuntu
ubuntu
added 2025/08/21 1:53 p.m.5 views

USN-7709-1: WEBrick vulnerability

It was discovered that WEBrick incorrectly parsed HTTP headers. In configurations where WEBrick is placed behind an HTTP proxy, a remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack...

6.5CVSS6.9AI score0.00422EPSS
Exploits0
redhat
redhat
added 2022/11/17 5:20 p.m.4 views

puma-5.6.4: http request smuggling vulnerabilities

A HTTP request smuggling flaw was found in puma. This issue occurs when using puma behind a proxy. Puma does not validate incoming HTTP requests, as per RFC specification, leading to loss of integrity...

9.1CVSS7.1AI score0.0214EPSS
Exploits0References4
redhat
redhat
added 2022/04/07 12:7 p.m.11 views

waitress: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

An Inconsistent Interpretation of HTTP Requests HTTP Request Smuggling flaw was found in Waitress when used behind a proxy that does not properly validate the incoming HTTP request. This flaw allows an attacker to smuggle requests via the front-end proxy to Waitress, resulting in a loss of data...

7.5CVSS7.1AI score0.0178EPSS
Exploits0References5
Rows per page
Query Builder