EEF-CVE-2026-39803 HTTP/1 chunked body reader ignores length cap in bandit

Summary Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The chunked clause of 'Elixir.Bandit.HTTP1.Socket':readdata/2 in lib/bandit/http1/socket.ex ignores the caller-supplied :length optio...

Integer Coercion Error

Overview Affected versions of this package are vulnerable to Integer Coercion Error in the ippReadChunkedBody function of the zerogod IPP Service component. An attacker can cause a denial of service by sending specially crafted IPP requests that trigger an integer coercion error during processing...

CVE-2026-8275

A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogodippprimitives.go of the component zerogod IPP Service. Performing a manipulation results in integer coercion error. The attack can be...

CVE-2026-8275

bettercap up to 2.41.5 is affected by a vulnerability in zerogod IPP Service: the function ippReadChunkedBody in zerogod_ipp_primitives.go is vulnerable to a manipulation that causes an integer coercion error. The attack can be initiated remotely and is described as high complexity with exploitat...

CVE-2025-66373

Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunked request body processing error that can result in HTTP request smuggling. When Akamai Ghost receives an invalid chunked body that includes a chunk size different from the actual size of the following chunk data, under certain...

CVE-2025-66373

Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunked request body processing error that can result in HTTP request smuggling. When Akamai Ghost receives an invalid chunked body that includes a chunk size different from the actual size of the following chunk data, under certain...

CVE-2025-66373

Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunked request body processing error that can result in HTTP request smuggling. When Akamai Ghost receives an invalid chunked body that includes a chunk size different from the actual size of the following chunk data, under certain...

PT-2025-48787

Name of the Vulnerable Software and Affected Versions Akamai affected versions not specified Description A flaw exists in Akamai that allows for HTTP request smuggling due to an invalid chunked body size. This issue, identified as a discrepancy between the chunk size and chunk data, enabled...

EUVD-2021-7709

Malicious code in bioql PyPI...

SUSE CVE-2021-20275

A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunkedbodyiscomplete leading to denial of service...

DEBIAN-CVE-2021-20275

A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunkedbodyiscomplete leading to denial of service...

ALPINE-CVE-2021-20275

A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunkedbodyiscomplete leading to denial of service...

Denial of service

A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunkedbodyiscomplete leading to denial of service...

Denial Of Service (DoS)

privoxy is vulnerable to denial of service DoS. The vulnerability exists through the chunkedbodyiscomplete where an invalid read of size two can occur...