GHSA-VQFR-H8MV-GHFJ h11 accepts some malformed Chunked-Encoding bodies

Impact A leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. Details HTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of: - chunk length - \r\n - leng...

OESA-2024-2172 nodejs security update

Node.js is an open-source, cross-platform, JavaScript runtime environment, it executes JavaScript code outside of a browser. Security Fixes: Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to t...

Apache 1.3.x + Tomcat 4.0.x4.1.x mod_jk - Chunked Encoding Denial of Service

Apache 1.3.x + Tomcat 4.0.x4.1.x modjk - Chunked Encoding Denial of Service source: https://www.securityfocus.com/bid/6320/info Apache Webserver and Tomcat are HTTP servers maintained and distributed by the Apache project. Apache Webserver and Tomcat are available for the Unix, Linux, and Microso...