Lucene search
K

21 matches found

CVE
CVE
added 2026/05/29 5:24 a.m.28 views

CVE-2026-6324

Affected software: libsoup. Vulnerability: unsigned-to-signed conversion error in soup_body_input_stream_read_chunked(). Impact: remote attacker can bypass security controls, poison web caches, or gain unauthorized access when libsoup sits behind or fronts a non-libsoup server. Context: exploit v...

4.8CVSS5.8AI score0.00872EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-6324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a...

4.8CVSS5.8AI score0.00872EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/08 9:0 p.m.3 views

HTTP Request Smuggling

Overview org.apache.tomcat:tomcat-coyote is a Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to HTTP Request Smuggling in ChunkedInputFilter, when handling HTTP/1.1 requests with invalid chunk extensions. An attacker can interfere with the interpretation of HT...

8.2CVSS5.8AI score0.00453EPSS
Exploits0References2
OSV
OSV
added 2026/01/30 12:28 p.m.8 views

OESA-2026-1270 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in...

7.5CVSS5.9AI score0.00585EPSS
Exploits1References2
NVD
NVD
added 2025/12/04 7:16 p.m.3 views

CVE-2025-65637

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

7.5CVSS0.00585EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2025/02/14 5:50 a.m.3 views

SUSE CVE-2024-2410

The JsonToBinaryStream function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input is broken up into separate chunks in a certain way, the parser will attempt to read bytes from a chunk that has already been freed...

7.6CVSS7.3AI score0.00332EPSS
Exploits0References5
OSV
OSV
added 2024/05/03 1:15 p.m.7 views

AZL-51077 CVE-2024-2410 affecting package mysql for versions less than 8.0.40-2

The JsonToBinaryStream function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input is broken up into separate chunks in a certain way, the parser will attempt to read bytes from a chunk that has already been freed...

9.8CVSS5.7AI score0.00332EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:32 a.m.1 views

SUSE CVE-2014-0227

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of the Apache Tomcat software allows a malicious attacker to compromise the accessibility of protected information.

A full-integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat allows malicious actors to trigger a service failure excessive resource consumption by using an incorrect chunk size when encoding requests in chunks during...

5CVSS6.6AI score0.2006EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linux
added 2015/05/14 3:14 p.m.7 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/05/12 6:20 p.m.3 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/03/31 5:0 p.m.4 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/03/11 4:51 p.m.4 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/02/17 10:27 p.m.3 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
OSV
OSV
added 2015/02/15 12:0 a.m.2 views

UBUNTU-CVE-2014-0227

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks...

6.4CVSS6.8AI score0.21045EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/01/27 4:22 p.m.4 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/11/25 4:48 p.m.5 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/08/21 3:30 p.m.4 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/08/06 3:6 p.m.4 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/08/06 3:3 p.m.5 views

Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service...

6.4CVSS6.7AI score0.21045EPSS
Exploits0References6
Rows per page
Query Builder