
5 matches found

OSV
added 2025/05/09 12:43 p.m., 3 views

OESA-2025-1496 python-h11 security update

h11 is suitable for implementing both servers and clients, and has a pleasantly symmetric API: the events you send as a client are exactly the ones that you receive as a server and vice-versa. Security Fixes: h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's...

CVSS 9.1, AI score 6.9, EPSS 0.00522
Exploits: 0, References: 2
SUSE Linux
added 2025/05/02 8:11 a.m., 4 views

Security update for python-h11

This update for python-h11 fixes the following issues: CVE-2025-43859: leniency when parsing line terminators in chunked-coding message bodies can lead to request smuggling. bsc1241872 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 9.3, AI score 7.8, EPSS 0.00522
Exploits: 0, References: 4
RedhatCVE
added 2025/04/26 6:21 p.m., 15 views

CVE-2025-43859

A flaw was found in h11. This vulnerability allows request smuggling via improper parsing of chunked-coding message bodies, where h11 fails to validate the required \r\n terminators. Mitigation: Ensuring any applications using h11 are behind a correctly configured reverse proxy will prevent...

CVSS 7.4, AI score 8.9, EPSS 0.00522
Exploits: 0, References: 5
SUSE CVE
added 2025/04/25 12:44 p.m., 3 views

SUSE CVE-2025-43859

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires...

CVSS 9.1, AI score 6.9, EPSS 0.00522
Exploits: 0, References: 6
NVD
added 2025/04/24 7:15 p.m., 17 views

CVE-2025-43859

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires...

CVSS 9.1, EPSS 0.00522
Exploits: 0, References: 2