Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/03/17 10:45 p.m.2 views

CVE-2026-22727 Cloud Foundry unprotected internal endpoints

Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...

7.5CVSS5.8AI score0.00199EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/05 10:58 p.m.8 views

AIOHTTP's unicode processing of header values could cause parsing discrepancies

Summary The Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. Impact If a pure Python version of aiohttp is installed i.e. without the usual C extensions or AIOHTTPNOEXTENSIONS is enabled, then an attacker may be able to execute a request smuggling...

6.5CVSS7.2AI score0.00213EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2002-2416

Malware in sbrugna...

7.5CVSS7.5AI score0.03742EPSS
Exploits1References18
Vulnrichment
Vulnrichment
added 2025/09/03 9:39 a.m.16 views

CVE-2025-9821 SSRF via webhook function

SummaryUsers with webhook permissions can conduct SSRF via webhooks. If they have permission to view the webhook logs, the partial request response is also disclosed DetailsWhen sending webhooks, the destination is not validated, causing SSRF. ImpactBypass of firewalls to interact with internal...

2.7CVSS6.1AI score0.00283EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/12/19 4:40 p.m.14 views

aiohttp: aiohttp vulnerable to request smuggling due to incorrect parsing of chunk extensions

A flaw was found in the aiohttp package. The Python parser parses newlines in chunk extensions incorrectly, which can lead to request smuggling vulnerabilities under certain conditions. If a pure Python version of aiohttp is installed, for example, without the usual C extensions, or...

7.5CVSS7.3AI score0.00576EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/07 10:27 a.m.5 views

squid: Request/Response smuggling in HTTP/1.1 and ICAP

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS5.9AI score0.05255EPSS
Exploits0References5
OSV
OSV
added 2023/11/03 8:15 a.m.2 views

ALPINE-CVE-2023-46846

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

5.3CVSS7AI score0.05255EPSS
Exploits0References1
Rows per page
Query Builder