Lucene search
+L

13 matches found

NVD
NVD
added yesterday5 views

CVE-2026-44981

CrowdSec offers crowdsourced protection against malicious IPs. From 1.7.0 until 1.7.8, the LAPI router used gin-contrib/gzip with DefaultDecompressHandle globally in pkg/apiserver/controllers/controller.go, causing /v1/watchers and /v1/watchers/login to decompress unauthenticated gzip-compressed...

8.2CVSS0.00115EPSS
Exploits0References3
CVE
CVE
added yesterday31 views

CVE-2026-44982

CVE-2026-44982 affects CrowdSec AppSec. The bug in pkg/appsec/request.go NewParsedRequestFromRequest reads the body using max(r.ContentLength, 0), causing HTTP/1.1 chunked and HTTP/2 without Content-Length to appear with an empty body, bypassing body-inspection rules (REQUEST_BODY, BODY_ARGS, ARG...

7.2CVSS6.1AI score0.00038EPSS
Exploits0References5
CVE
CVE
added yesterday23 views

CVE-2026-44981

CrowdSec LAPI is affected. The LAPI router uses gin-contrib/gzip with DefaultDecompressHandle globally in pkg/apiserver/controllers/controller.go, causing unauthenticated gzip payloads to be decompressed on /v1/watchers and /v1/watchers/login without a maximum decompressed size, which can trigger...

8.2CVSS6.1AI score0.00115EPSS
Exploits0References3
Cvelist
Cvelist
added yesterday23 views

CVE-2026-44981 CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression

CrowdSec offers crowdsourced protection against malicious IPs. From 1.7.0 until 1.7.8, the LAPI router used gin-contrib/gzip with DefaultDecompressHandle globally in pkg/apiserver/controllers/controller.go, causing /v1/watchers and /v1/watchers/login to decompress unauthenticated gzip-compressed...

8.2CVSS0.00115EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5641 CrowdSec AppSec silently drops request body for chunked / HTTP-2 requests in github.com/crowdsecurity/crowdsec

CrowdSec AppSec silently drops request body for chunked / HTTP-2 requests in github.com/crowdsecurity/crowdsec...

7.2CVSS5.8AI score0.00038EPSS
Exploits0References1
OSV
OSV
added 2026/06/16 11:55 p.m.8 views

GO-2026-5041 CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression in github.com/crowdsecurity/crowdsec

CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression in github.com/crowdsecurity/crowdsec...

8.2CVSS5.3AI score0.00115EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/27 7:58 p.m.16 views

CrowdSec AppSec silently drops request body for chunked / HTTP-2 requests

Summary The CrowdSec AppSec component fails to read the HTTP request body for any request whose Content-Length is not positive — most notably HTTP/1.1 requests using Transfer-Encoding: chunked and HTTP/2 requests sent without a content-length header. Coraza is then evaluated against an empty body...

7.2CVSS5.9AI score0.00038EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/27 7:58 p.m.7 views

GHSA-RW47-HM26-6WR7 CrowdSec AppSec silently drops request body for chunked / HTTP-2 requests

Summary The CrowdSec AppSec component fails to read the HTTP request body for any request whose Content-Length is not positive — most notably HTTP/1.1 requests using Transfer-Encoding: chunked and HTTP/2 requests sent without a content-length header. Coraza is then evaluated against an empty body...

7.2CVSS5.9AI score0.00038EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/27 7:57 p.m.14 views

CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression

The LAPI router uses gin-contrib/gzip with DefaultDecompressHandle globally pkg/apiserver/controllers/controller.go. This middleware decompresses incoming request bodies without enforcing a maximum decompressed size. The endpoints /v1/watchers or /v1/watchers/login require no authentication. An...

8.2CVSS5.8AI score0.00115EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/27 7:57 p.m.13 views

GHSA-273H-GVWR-C3QJ CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression

The LAPI router uses gin-contrib/gzip with DefaultDecompressHandle globally pkg/apiserver/controllers/controller.go. This middleware decompresses incoming request bodies without enforcing a maximum decompressed size. The endpoints /v1/watchers or /v1/watchers/login require no authentication. An...

8.2CVSS5.8AI score0.00115EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/04/04 1:51 p.m.33 views

Sorting Through Haystacks to Find CTI Needles

Clouded vision CTI systems are confronted with some major issues ranging from the size of the collection networks to their diversity, which ultimately influence the degree of confidence they can put on their signals. Are they fresh enough and sufficiently reliable to avoid any false positives or...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/22 12:39 p.m.24 views

The Era of Cyber Threat Intelligence Sharing

We spent forty years defending ourselves as individuals. Trying to outsmart cybercriminals, outpower them, and when all our efforts failed, only then we considered banding together with our peers to outnumber them. Cybercriminals don't reinvent themselves each time. Their resources are limited, a...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/28 12:9 p.m.34 views

Of Cybercriminals and IP Addresses

You don't like having the FBI knocking on your door at 6 am in the morning. Surprisingly, nor does your usual cybercriminal. That is why they hide at least the good ones, for example, behind layers of proxies, VPNs, or TOR nodes. Their IP address will never be exposed directly to the target's...

7AI score
Exploits0
Rows per page
Query Builder