Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/29 5:24 a.m.10 views

CVE-2026-6324

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...

4.8CVSS5.8AI score0.00872EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/13 1:36 p.m.47 views

CVE-2026-39803 HTTP/1 chunked body reader ignores length cap in bandit

Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The chunked clause of 'Elixir.Bandit.HTTP1.Socket':readdata/2 in lib/bandit/http1/socket.ex ignores the caller-supplied :length option when...

8.7CVSS0.00642EPSS
Exploits1References4
Snyk
Snyk
added 2025/04/24 6:46 p.m.2 views

HTTP Request Smuggling

Overview h11 is an A pure-Python, bring-your-own-I/O implementation of HTTP/1.1 Affected versions of this package are vulnerable to HTTP Request Smuggling via the class ChunkedReader in readers.py file, which performs the parsing of line terminators in chunked-coding message bodies. An attacker c...

9.3CVSS7AI score0.00522EPSS
Exploits0References2
OSV
OSV
added 2023/12/06 5:15 p.m.1 views

DEBIAN-CVE-2023-39326

A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data up to about...

5.3CVSS6.6AI score0.01208EPSS
Exploits0References1
Rows per page
Query Builder