376 matches found
dev.i10416:slackapis-core_sjs1_2.13 (>=0.0.1 <=0.0.2), org.http4s:http4s-ember-client_sjs1_2.13 (>=1.0.0-M24 <=1.0.0-M44) +1 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_sjs1_2.13 (>=1.0.0-M24 <=1.0.0-M44)
org.http4s:http4s-ember-coresjs12.13 MAVEN version =1.0.0-M24, =0.0.1, =1.0.0-M24, =1.0.0-M24, =1.0.0-M44 Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-13019561...
dev.i10416:slackapis-core_2.13 (>=0.0.1 <=0.0.2), es.weso:rdfshape-server_2.13 (>=0.0.73 <=0.2.14) +16 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_2.13 (>=1.0.0-M10 <=1.0.0-M44)
org.http4s:http4s-ember-core2.13 MAVEN version =1.0.0-M10, =0.0.1, =0.0.73, =0.1.90, =0.1.90, =0.1.90, =0.1.91, =0.1.109, =0.1.91, =0.1.101, =0.0.82, =0.1.91, =0.1.0, =2.1.0, =2.1.0, =2.2.2 and more Source cves: CVE-2025-59822 Source advisory: OSV:GHSA-WCWH-7GFW-5WRR...
co.topl:bifrost-daml-broker_2.13 (=1.0.0.beta-2), co.topl:brambl-cli_2.13 (>=2.0.0-beta1 <=2.0.0-beta6) +120 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_2.13 (>=0.10.0-M10 <=0.23.30)
org.http4s:http4s-ember-core2.13 MAVEN version =0.10.0-M10, =2.0.0-beta1, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.0.0-3-cca5341b, =0.12.1, =7.1.0, =0.1.0, =0.21.0, =0.20.4, =0.22.1 and more Source cves: CVE-2025-59822 Source advisory: OSV:GHSA-WCWH-7GFW-5WRR...
dev.i10416:slackapis-core_2.12 (>=0.0.1 <=0.0.2), es.weso:rdfshape-server_2.12 (=0.0.73) +16 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_2.12 (>=1.0.0-M2 <=1.0.0-M4)
org.http4s:http4s-ember-core2.12 MAVEN version =1.0.0-M2, =0.0.1, =0.1.90, =0.1.90, =0.1.90, =0.1.91, =0.1.109, =0.1.91, =0.1.101, =0.0.82, =0.0.14, =0.1.91, =2.1.0, =2.1.0, =2.2.2 and more Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-13019566...
io.chrisdavenport:shellserve_sjs1_2.12 (=0.0.2) potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-server_sjs1_2.12 (=0.23.12)
org.http4s:http4s-ember-serversjs12.12 MAVEN version =0.23.12 is affected by a known vulnerability. The following packages have a transitive dependency on org.http4s:http4s-ember-serversjs12.12 and may be impacted: - io.chrisdavenport:shellservesjs12.12 =0.0.2 Source cves: CVE-2025-59822 Source...
HTTP Request Smuggling
Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...
HTTP Request Smuggling
Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...
HTTP Request Smuggling
Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...
HTTP Request Smuggling
Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...
HTTP Request Smuggling
Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...
HTTP Request Smuggling
Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...
ai.starlake:quack-on-demand_3 (>=0.1.0 <=0.3.1), com.47deg:energy-monitor-persistence-app_3 (=0.2.0) +78 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-server_3 (>=0.22.14 <=0.23.30)
org.http4s:http4s-ember-server3 MAVEN version =0.22.14, =0.1.0, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.0.1, =0.12.1, =7.1.0, =0.22.0, =1.9.3, =6.9.0, =1.0.0, =1.0.0, =5.0.0 - com.xebia:karat-scalacheck-http4s3 =0.0.6 and more Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-130195...
io.getkyo:kyo-bench_3 (=1.0.0-RC2), io.github.linyxus:papiers-core_3 (=0.2.0) +4 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-server_3 (>=1.0.0-M29 <=1.0.0-M44)
org.http4s:http4s-ember-server3 MAVEN version =1.0.0-M29, =0.1, =0.1, =0.9.0, =0.9.4 Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-13019550...
ai.starlake:quack-on-demand_3 (>=0.1.0 <=0.3.1), com.47deg:energy-monitor-persistence-app_3 (=0.2.0) +164 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_3 (>=0.22.0-M8 <=0.23.30)
org.http4s:http4s-ember-core3 MAVEN version =0.22.0-M8, =0.1.0, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.0.1, =1.0.0, =0.12.1, =7.1.0, =0.22.0, =0.22.1 and more Source cves: CVE-2025-59822 Source advisory: OSV:GHSA-WCWH-7GFW-5WRR...
com.armanbilge:sbt-bundlemon_2.12_1.0 (=0.1.4), com.avast:sst-bundle-monix-http4s-ember_2.12 (>=0.17.0 <=0.19.3) +67 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_2.12 (>=0.10.0-M10 <=0.23.30)
org.http4s:http4s-ember-core2.12 MAVEN version =0.10.0-M10, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.0.0-3-cca5341b, =0.12.1, =7.1.0, =0.21.0, =0.20.4, =0.21.0, =0.21.0, =0.21.0, =0.22.1 and more Source cves: CVE-2025-59822 Source advisory: OSV:GHSA-WCWH-7GFW-5WRR...
dev.hnaderi:scala-k8s-http4s-ember_native0.4_2.12 (>=0.11.0 <=0.25.0), dev.hnaderi:scala-k8s-http4s_native0.4_2.12 (>=0.4.0 <=0.10.0) +3 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_native0.4_2.12 (>=0.23.16 <=0.23.30)
org.http4s:http4s-ember-corenative0.42.12 MAVEN version =0.23.16, =0.11.0, =0.4.0, =0.23.16, =0.23.16, =0.0.1, =0.0.9 Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-13019565...
HTTP Request Smuggling
Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...
com.avast:sst-bundle-monix-http4s-ember_2.12 (>=0.17.0 <=0.19.3), com.avast:sst-bundle-zio-http4s-ember_2.12 (>=0.17.0 <=0.19.3) +25 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-server_2.12 (>=0.22.10 <=0.23.30)
org.http4s:http4s-ember-server2.12 MAVEN version =0.22.10, =0.17.0, =0.17.0, =0.17.0, =0.17.0, =0.0.0-3-cca5341b, =0.12.1, =7.1.0, =0.20.4, =1.6.29, =1.6.29, =1.6.29, =0.8.0-rab.1, =0.1.0, =0.14.0-M2 and more Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-13019551...
com.kubukoz:spotify-next_native0.4_3 (>=1.9.3 <=1.11.3), dev.hnaderi:scala-k8s-http4s-ember_native0.4_3 (>=0.11.0 <=0.25.0) +34 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_native0.4_3 (>=0.23.16 <=0.23.30)
org.http4s:http4s-ember-corenative0.43 MAVEN version =0.23.16, =1.9.3, =0.11.0, =0.4.0, =0.0.1, =0.1.0+0.0.1, =2.14.0+0.0.1, =0.9.0+0.0.1, =2.12.0+0.0.1, =0.15.0+0.0.1, =2.13.0+0.0.1, =2.34.0+0.0.1, =2.20.0+0.0.1, =1.11.0+0.0.1, =1.44.0+0.0.6 - io...
org.http4s:http4s-ember-client_native0.4_3 (>=1.0.0-M37 <=1.0.0-M44), org.http4s:http4s-ember-server_native0.4_3 (>=1.0.0-M37 <=1.0.0-M44) potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-core_native0.4_3 (>=1.0.0-M37 <=1.0.0-M44)
org.http4s:http4s-ember-corenative0.43 MAVEN version =1.0.0-M37, =1.0.0-M37, =1.0.0-M37, =1.0.0-M44 Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-13019564...