4 matches found
CVE-2026-7790
A flaw was found in ninenines cowlib, specifically within the cowhttpte module's chunked transfer-encoding parser. An unauthenticated remote attacker can exploit this by sending an HTTP/1.1 request containing a Transfer-Encoding: chunked header with an excessively long hexadecimal string in the...
EUVD-2026-29200
Uncontrolled Resource Consumption vulnerability in ninenines cowlib cowhttpte module allows Excessive Allocation. The chunked transfer-encoding parser in cowhttpte accepts an unbounded number of hex digits in the chunk-size field. Each digit causes a bignum multiplication Len 16 + digit, so parsi...
cowlib cow_http_te module: Uncontrolled Resource Consumption vulnerability allows Excessive Allocation
Uncontrolled Resource Consumption vulnerability in ninenines cowlib cowhttpte module allows Excessive Allocation. The chunked transfer-encoding parser in cowhttpte accepts an unbounded number of hex digits in the chunk-size field. Each digit causes a bignum multiplication Len 16 + digit, so parsi...
CVE-2026-7790
Uncontrolled Resource Consumption vulnerability in ninenines cowlib cowhttpte module allows Excessive Allocation. The chunked transfer-encoding parser in cowhttpte accepts an unbounded number of hex digits in the chunk-size field. Each digit causes a bignum multiplication Len 16 + digit, so parsi...