Lucene search
K

1803 matches found

Nuclei
Nuclei
added 9 hours ago30 views

Apache2 - Transfer-Encoding Chunked XSS

Apache2 PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 contain a reflected cross-site scripting vulnerability caused by mishandling of chunked transfer-encoding requests in sapi/apache2handler/sapiapache2.c. Attackers can execute malicious scripts via crafted...

6.1CVSS6.7AI score0.04103EPSS
Exploits1References5
NVD
NVD
added 2026/07/06 11:16 a.m.10 views

CVE-2026-56810

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS0.00344EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/06 9:17 a.m.31 views

CVE-2026-56810 mint buffers an entire chunked response chunk in memory in Mint.HTTP1.decode_body/5

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS0.00344EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 9:17 a.m.4 views

EEF-CVE-2026-56810 mint buffers an entire chunked response chunk in memory in Mint.HTTP1.decode_body/5

Summary Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS6AI score0.00344EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/06 9:17 a.m.6 views

CVE-2026-56810

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS6AI score0.00344EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/07/06 9:17 a.m.5 views

EUVD-2026-41862

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS6AI score0.00344EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/07/06 9:17 a.m.5 views

CVE-2026-56810 mint buffers an entire chunked response chunk in memory in Mint.HTTP1.decode_body/5

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS6AI score0.00344EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 9:17 a.m.3 views

CVE-2026-56810 mint buffers an entire chunked response chunk in memory in Mint.HTTP1.decode_body/5

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS6AI score0.00344EPSS
Exploits0References9
CVE
CVE
added 2026/07/06 9:17 a.m.15 views

CVE-2026-56810

CVE-2026-56810 affects mint: a memory-denial vulnerability in Mint.HTTP1.decode_body/5 where chunked HTTP response bodies are buffered in an unbounded data_buffer until the entire declared chunk length completes. The chunk size is parsed with no upper bound, enabling a remote attacker to send an ...

8.7CVSS6AI score0.00344EPSS
Exploits0References4
NVD
NVD
added 2026/07/02 12:16 p.m.5 views

CVE-2026-11946

An unauthenticated remote attacker can exhaust server memory via the GetEndpoints Discovery Service in open62541. The endpointUrl field of GetEndpointsRequest is not validated for length. An attacker can declare an arbitrarily large string up to 4.09 GB via the UInt32 length field delivered acros...

7.5CVSS0.00386EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.6 views

io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass...

7.5CVSS6.6AI score0.0064EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.5 views

netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...

7.5CVSS6.6AI score0.00631EPSS
Exploits1References11
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-348 h11 accepts some malformed Chunked-Encoding bodies

Impact A leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. Details HTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of: - chunk length - \r\n - leng...

9.1CVSS5.8AI score0.00527EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 6:8 a.m.4 views

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple issues

Summary Multiple vulnerabilities affect IBM Sterling External Authentication Server and are addressed in the latest release and ifix Vulnerability Details CVEID:CVE-2026-2332 DESCRIPTION: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used,...

9.1CVSS5.9AI score0.01127EPSS
Exploits3Affected Software1
OSV
OSV
added 2026/06/23 9:59 p.m.4 views

GHSA-R6FJ-869H-4F6Q OHttpVersionChunkDraft: Missing Final-Chunk Enforcement Leads to Undetected Stream Truncation

The codec-ohttp implementation of draft-ietf-ohai-chunked-ohttp does not verify that a cryptographically-signed final chunk was received before the outer HTTP body terminates. An on-path adversary the OHTTP relay itself, or any MITM on the relay↔gateway or relay↔client transport can forward a...

8.7CVSS5.9AI score0.00167EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/23 9:59 p.m.13 views

EUVD-2026-34311

OHttpVersionChunkDraft: Missing Final-Chunk Enforcement Leads to Undetected Stream Truncation...

8.7CVSS5.8AI score0.00167EPSS
Exploits0References3
OSV
OSV
added 2026/06/18 9:28 p.m.8 views

MGASA-2026-0226 Updated ruby-rack packages fix security vulnerabilities

CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. Forwarded header semicolon injection enables Host and Scheme spoofing. CVE-2026-34230 Quadratic complexity in Rack::Utils.selectbestencoding via wildcard Accept-Encoding header. CVE-2026-34763 Root...

7.5CVSS5.2AI score0.00475EPSS
Exploits2References14
EUVD
EUVD
added 2026/06/17 7:48 p.m.13 views

EUVD-2026-37789

Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding both verbatim to the backend while using Content-Length to determine how many request body bytes to consume. Remote attackers can desynchronize the...

9.3CVSS5.5AI score0.00439EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 8:23 p.m.9 views

GHSA-V9PG-7XVM-68HF python-multipart: Negative Content-Length in parse_form buffers the entire body in memory

Summary parseform did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded into memory in a single read instead of in fixed-size chunks. Details...

3.7CVSS5.5AI score0.00217EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/15 8:23 p.m.12 views

python-multipart: Negative Content-Length in parse_form buffers the entire body in memory

Summary parseform did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded into memory in a single read instead of in fixed-size chunks. Details...

3.7CVSS5.5AI score0.00217EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder