MGASA-2026-0120 Updated perl-Starlet packages fix security vulnerability

Starlet versions through 0.31 for Perl allow HTTP Request Smuggling via Improper Header Precedence. CVE-2026-40561...

Updated perl-Starlet packages fix security vulnerability

Starlet versions through 0.31 for Perl allow HTTP Request Smuggling via Improper Header Precedence. CVE-2026-40561...

CLSA-2026-1778129970 python3.11: Fix of 7 CVEs

CVE-2026-0672: reject control characters in http.cookies cookie names, values, and parameters to prevent header injection - CVE-2026-3644: reject control characters in Morsel.update, |= operator, and unpickling paths missed by CVE-2026-0672; add output validation to BaseCookie.jsoutput -...

SUSE-SU-2026:1733-1 Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

Kubetail has a Cross-Site WebSocket Hijacking issue that allows attacker to read Kubernetes logs from authenticated users

Summary Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin header on connection upgrade. A malicious web page visited by a user with an active Kubetail session could open a WebSocket to the user's dashboard and read their Kubernetes logs in real time. Thi...

GHSA-V8J7-HP7C-738F Kubetail has a Cross-Site WebSocket Hijacking issue that allows attacker to read Kubernetes logs from authenticated users

Summary Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin header on connection upgrade. A malicious web page visited by a user with an active Kubetail session could open a WebSocket to the user's dashboard and read their Kubernetes logs in real time. Thi...

SUSE CVE-2026-31747

In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...

SUSE CVE-2026-32597

PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit Critical Header Parameter defined in RFC 7515 �4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting...

GHSA-7J59-V9QR-6FQ9 Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect

Summary The RedirectHandler middleware in microsoft/kiota-java com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0 and other Kiota libraries fails to strip sensitive HTTP headers when following 3xx redirects to a different host or scheme. This vulnerability is present in the RedirectHandlers...

NPM: Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect

NPM: Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect vulnerability discovered by ? in WordPress Npm kiota-typescript versions 1.0.0-preview.100...

HTTP Request Smuggling

Overview io.netty:netty-codec-http is a network application framework for rapid development of maintainable high performance protocol servers & clients. Affected versions of this package are vulnerable to HTTP Request Smuggling when parsed HTTP requests contain malformed Transfer-Encoding headers...

Netty Lz4FrameDecoder is vulnerable to resource exhaustion

Summary Lz4FrameDecoder allocates a ByteBuf of size decompressedLength up to 32 MB per block before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes - 22 bytes if compressedLength == 1 - to force that allocation. Details...

Netty HTTP/3 QPACK literal unbounded allocation

Summary When Netty decodes HTTP/3 headers, it sometimes runs new bytelength using a length from the wire before checking that many bytes are really there. A small malicious header can claim a huge length on the order of a gigabyte. Details When decoding header blocks, the non-Huffman branch of...

GHSA-2C5C-CHWR-9HQW Netty HTTP/3 QPACK literal unbounded allocation

Summary When Netty decodes HTTP/3 headers, it sometimes runs new bytelength using a length from the wire before checking that many bytes are really there. A small malicious header can claim a huge length on the order of a gigabyte. Details When decoding header blocks, the non-Huffman branch of...

Netty HTTP/1.0 TE+CL Coexistence Bypasses Smuggling Sanitization

NETTY HTTP/1.0 TE+CL Coexistence Bypasses Smuggling Sanitization | Field | Value | |-----------|-------| | Library | io.netty:netty-codec-http | | Component | codec-http — HttpObjectDecoder | | Severity | HIGH | | Affects | HEAD, commit 4f3533ae confirmed | --- Summary HttpObjectDecoder strips a...

Netty has HTTP Header Injection via HttpProxyHandler Disabled Validation (Incomplete Fix CVE-2025-67735)

Security Vulnerability Report: HTTP Header Injection via HttpProxyHandler Disabled Validation in Netty 1. Vulnerability Summary | Field | Value | |-------|-------| | Product | Netty | | Version | 4.2.12.Final and all prior versions | | Component | io.netty.handler.proxy.HttpProxyHandler | |...

GHSA-45Q3-82M4-75JR Netty has HTTP Header Injection via HttpProxyHandler Disabled Validation (Incomplete Fix CVE-2025-67735)

Security Vulnerability Report: HTTP Header Injection via HttpProxyHandler Disabled Validation in Netty 1. Vulnerability Summary | Field | Value | |-------|-------| | Product | Netty | | Version | 4.2.12.Final and all prior versions | | Component | io.netty.handler.proxy.HttpProxyHandler | |...

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection in the newInitialMessage function of HttpProxyHandler when header validation is explicitly disabled and user-influenced outboundHeaders are added without sanitization. An attacker can inject arbitrary HTTP headers into...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: squid (UTSA-2026-016516)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016516 advisory. A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response head...

PT-2026-38375

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.2.13.Final Description When decoding HTTP/3 header blocks, the non-Huffman branch of the decodeHuffmanEncodedLiteral function in io.netty.handler.codec.http3.QpackDecoder may execute new bytelength for a string litera...