Lucene search
K

3 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/17 10:3 a.m.14 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in net/http/internal CVE-2025-22871

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in net/http/internal CVE-2025-22871 Vulnerability Details CVEID:CVE-2025-22871 DESCRIPTION: The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This...

9.1CVSS6.5AI score0.00724EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/28 11:36 a.m.8 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in net/http/internal CVE-2025-22871

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in net/http/internal CVE-2025-22871 Vulnerability Details CVEID:CVE-2025-22871 DESCRIPTION: The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This...

9.1CVSS6.5AI score0.00724EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2025/07/08 11:17 p.m.2 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00724EPSS
Exploits0References8
Rows per page
Query Builder