Lucene search
K

5 matches found

CVE
CVE
added 2026/04/02 3:55 p.m.41 views

CVE-2025-65114

CVE-2025-65114 affects Apache Traffic Server where malformed chunked messages enable HTTP request smuggling. Affected versions: 9.0.0–9.2.12 and 10.0.0–10.1.1. The issue is mitigated by upgrading to 9.2.13 or 10.1.2, which include the fix for the chunked encoding parser and related handling (Fedo...

7.5CVSS5.8AI score0.00428EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/12/04 5:15 p.m.10 views

CVE-2025-66373

Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunked request body processing error that can result in HTTP request smuggling. When Akamai Ghost receives an invalid chunked body that includes a chunk size different from the actual size of the following chunk data, under certain...

4.8CVSS5.8AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in python-h11

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a lack of strict parsing of line terminators in chunked-coded message bodies in h11 could lead to request smuggling vulnerabilities under certain conditions. This issue has been fixed in version 0.16.0. Since exploiting these...

9.1CVSS7AI score0.00527EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/04/04 12:0 a.m.47 views

Golang 1.24 < 1.24.2

The version of Golang running on the remote host is 1.24 prior to 1.24.2. It is, therefore, is affected by multiple vulnerabilities: - Unlike request headers, where we are allowed to leniently accept a bare LF in place of a CRLF, chunked bodies must always use CRLF line terminators. We were alrea...

9.1CVSS7.2AI score0.00724EPSS
Exploits0References3
Snyk
Snyk
added 2021/10/13 11:20 a.m.4 views

HTTP Request Smuggling

Overview llhttp is a set of Ruby bindings for llhttp. Affected versions of this package are vulnerable to HTTP Request Smuggling via llhttp. The parse ignores chunk extensions when parsing the body of chunked requests. Remediation There is no fixed version for llhttp. References - GitHub Commit -...

6.5CVSS7AI score0.02299EPSS
Exploits1References2
Rows per page
Query Builder