CVE-2025-66373
Akamai Ghost on Akamai CDN edge servers prior to 2025-11-17 is affected by a chunked request body processing error that can cause HTTP request smuggling when an invalid chunked body includes a chunk size that differs from the following data. The issue can forward the invalid request and superfluo...
CVE-2025-66373: HTTP Request Smuggling Due to Invalid Chunked Body Size
TencentOS Server 3: container-tools:4.0 (TSSA-2024:0104)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0104 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency
The standard library net/http package dependency used by File Browser improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a...
PT-2026-6059
Name of the Vulnerable Software and Affected Versions: libsoup (affected versions not specified). Description: An HTTP Request Smuggling issue exists in libsoup, an HTTP client/server library. The problem stems from non-RFC-compliant parsing within the soup_filter_input_stream_read_line function,...
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...
Security update for rubygem-puma
This update for rubygem-puma fixes the following issues: Update to version 5.6.9. CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks (bsc#1230848, fixed in an earlier update). CVE-2024-21647: unbounded resource consumpti...
SUSE-SU-2025:03467-1 Security update for rubygem-puma
This update for rubygem-puma fixes the following issues: Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks (bsc#1230848, fixed in an earlier update). - CVE-2024-21647: unbounded resource...
SUSE-SU-2025:03466-1 Security update for rubygem-puma
This update for rubygem-puma fixes the following issues: Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks (bsc#1230848, fixed in an earlier update). - CVE-2024-21647: unbounded resource...
EUVD-2002-2372
Malware in sbrugna...
EUVD-2019-7046
Malware in sbrugna...
EUVD-2019-7904
Malware in sbrugna...
EUVD-2020-0229
Malware in sbrugna...
EUVD-2017-14739
Malware in sbrugna...
EUVD-2024-29492
Malicious code in bioql PyPI...
EUVD-2022-36266
Malicious code in bioql PyPI...