Lucene search
K

10 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/02/03 12:0 a.m.4 views

Security update for python-h2 (moderate)

openSUSE security update: security update for python-h2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20122-1 Rating: moderate References: bsc1248737 Cross-References: CVE-2025-57804 CVSS scores: CVE-2025-57804 SUSE : 5.3...

6.9CVSS5.4AI score0.01596EPSS
Exploits0References1
OSV
OSV
added 2026/01/28 3:47 p.m.2 views

SUSE-SU-2026:20187-1 Security update for python-h2

This update for python-h2 fixes the following issues: - CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers bsc1248737...

6.9CVSS7.1AI score0.01596EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/09/19 12:12 p.m.3 views

Security update for python-h2

This update for python-h2 fixes the following issues: CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers bsc1248737 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

6.9CVSS6.7AI score0.01596EPSS
Exploits0References4
Amazon
Amazon
added 2025/09/15 12:0 a.m.9 views

Medium: python-h2

Issue Overview: h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to...

6.9CVSS6.8AI score0.01596EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/09/15 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2025:03199-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.8AI score0.01596EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/09/12 12:19 p.m.2 views

Security update for python-h2

This update for python-h2 fixes the following issues: CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers bsc1248737 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

6.9CVSS6.7AI score0.01596EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/26 7:10 a.m.2 views

CVE-2025-57804

A vulnerability was found in python-hyper/h2 that contains an input validation flaw that allows carriage return and line feed CRLF characters to be injected into HTTP/2 header fields. When requests are downgraded from HTTP/2 to HTTP/1.1, the library fails to enforce proper header validation, whic...

6.9CVSS6.3AI score0.01596EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/08/25 9:15 p.m.2 views

CVE-2025-57804

h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without...

6.9CVSS7.1AI score0.01596EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/08/25 9:4 p.m.5 views

CVE-2025-57804

h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without...

6.9CVSS5.3AI score0.01596EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/25 8:44 p.m.3 views

aapns (>=19.11.0 <=23.7.0), abq (>=0.1.0 <=0.1.4) +372 more potentially affected by CVE-2025-57804 via h2 (>=2.4.4 <=4.2.0)

h2 PYPI version =2.4.4, =19.11.0, =0.1.0, =0.0.1, =0.0.1, =0.4.0, =0.4.0, =2.1.0, =0.1.0, =2.0.0, =20.3.0rc1, =0.2.1, =0.3.2, =0.3.6, =0.3.8 and more Source cves: CVE-2025-57804 Source advisory: OSV:GHSA-847F-9342-265H...

6.9CVSS6AI score0.01596EPSS
Exploits0
Rows per page
Query Builder